WN16-00-000200 - Non-administrative accounts or groups must only have print permissions on printer shares.

Information

Windows shares are a means by which files, folders, printers, and other resources can be published for network users to access. Improper configuration can permit access to devices and data beyond a user's need.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Configure the permissions on shared printers to restrict standard users to only have Print permissions.

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_MS_Windows_Server_2016_V2R3_STIG.zip

Item Details

References: CAT|III, CCI|CCI-000213, Rule-ID|SV-224836r569186_rule, STIG-ID|WN16-00-000200, STIG-Legacy|SV-87909, STIG-Legacy|V-73257, Vuln-ID|V-224836

Plugin: Windows

Control ID: ada0e69a3ee2914acdfbc0b19f195b4adb75c1e62c138c682d28eab0cf11badb