800-53|AC-6(7)

Title

REVIEW OF USER PRIVILEGES

Description

The organization:

Supplemental

The need for certain assigned user privileges may change over time reflecting changes in organizational missions/business function, environments of operation, technologies, or threat. Periodic review of assigned user privileges is necessary to determine if the rationale for assigning such privileges remains valid. If the need cannot be revalidated, organizations take appropriate corrective actions.

Reference Item Details

Related: CA-7

Category: ACCESS CONTROL

Parent Title: LEAST PRIVILEGE

Family: ACCESS CONTROL

Audit Items


Name | Plugin | Audit Name
1.1 - SerializedSystemIni.dat Password File is not Protected | Windows | TNS Oracle WebLogic Server 11 Windows Best Practices
1.1.1.2.1.54 Set 'Network access: Remotely accessible registry paths and sub-paths' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.1.54 Set 'Network access: Remotely accessible registry paths and sub-paths' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.1.70 Set 'Network access: Remotely accessible registry paths' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.1.70 Set 'Network access: Remotely accessible registry paths' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.1 Set 'Allow log on through Terminal Services' to 'Administrators' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.2 Set 'Allow log on through Terminal Services' to 'Administrators, Remote desktop Users' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.3 Set 'Take ownership of files or other objects' to 'Administrators' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.3 Set 'Take ownership of files or other objects' to 'Administrators' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.10 Set 'Adjust memory quotas for a process' to 'Administrators, LOCAL SERVICE, NETWORK SERVICE' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.10 Set 'Adjust memory quotas for a process' to 'Administrators, LOCAL SERVICE, NETWORK SERVICE' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.11 Configure 'Generate security audits' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.11 Configure 'Generate security audits' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.12 Set 'Shut down the system' to 'Administrators' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.12 Set 'Shut down the system' to 'Administrators' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.13 Configure 'Increase scheduling priority' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.13 Configure 'Increase scheduling priority' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.14 Set 'Replace a process level token' to 'LOCAL SERVICE, NETWORK SERVICE' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.14 Set 'Replace a process level token' to 'LOCAL SERVICE, NETWORK SERVICE' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.15 Configure 'Add workstations to domain' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.16 Configure 'Change the system time' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.16 Configure 'Change the system time' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.17 Configure 'Restore files and directories' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.17 Configure 'Restore files and directories' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.18 Configure 'Create a token object' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.18 Configure 'Create a token object' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.19 Configure 'Synchronize directory service data' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.19 Configure 'Synchronize directory service data' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.20 Set 'Profile system performance' to 'Administrators' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.20 Set 'Profile system performance' to 'Administrators' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.21 Configure 'Access this computer from the network' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.21 Configure 'Access this computer from the network' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.22 Set 'Profile single process' to 'Administrators' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.22 Set 'Profile single process' to 'Administrators' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.23 Configure 'Impersonate a client after authentication' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.23 Configure 'Impersonate a client after authentication' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.24 Set 'Create a pagefile' to 'Administrators' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.24 Set 'Create a pagefile' to 'Administrators' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.25 Set 'Deny log on as a batch job' to 'Guests' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.25 Set 'Deny log on as a batch job' to 'Guests' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.26 Set 'Deny log on through Terminal Services' to 'Guests' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.26 Set 'Deny log on through Terminal Services' to 'Guests' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.27 Configure 'Act as part of the operating system' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.27 Configure 'Act as part of the operating system' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.28 Configure 'Back up files and directories' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.28 Configure 'Back up files and directories' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.29 Set 'Log on as a service' to 'NETWORK SERVICE' | Windows | CIS Windows 2003 MS v3.1.0
1.1.1.2.3.29 Set 'Log on as a service' to 'NETWORK SERVICE' | Windows | CIS Windows 2003 DC v3.1.0
1.1.1.2.3.30 Set 'Deny access to this computer from the network' to 'ANONYMOUS LOGON, Guests' | Windows | CIS Windows 2003 MS v3.1.0
1.04 Windows Oracle Account - 'Deny Log on Locally Right' | Windows | CIS v1.1.0 Oracle 11g OS Windows Level 1