Skip to content

Commit

Permalink
Review Windows 2012 R2 policies
Browse files Browse the repository at this point in the history
  • Loading branch information
@cristgl
cristgl committed Jun 18, 2019
1 parent bc75ae2 commit ca40ca6
Show file tree
Hide file tree
Showing 3 changed files with 62 additions and 5 deletions.
2 changes: 1 addition & 1 deletion sca/windows/cis_win2012r2_domainL1_rcl.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -495,7 +495,7 @@ checks:
rules:
- 'r:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters'
- 'r:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters -> NullSessionShares'
- 'r:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters -> NullSessionShares -> r:^$'
- 'not r:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters -> NullSessionShares -> r:\.'
- id: 8033
title: "Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves'"
description: "This policy setting determines how network logons that use local accounts are authenticated. The Classic option allows precise control over access to resources, including the ability to assign different types of access to different users for the same resource. The Guest only option allows you to treat all users equally. In this context, all users authenticate as Guest only to receive the same access level to a given resource. The recommended state for this setting is: Classic - local users authenticate as themselves. Note: This setting does not affect interactive logons that are performed remotely by using such services as Telnet or Remote Desktop Services (formerly called Terminal Services)."
Expand Down
2 changes: 1 addition & 1 deletion sca/windows/cis_win2012r2_memberL1_rcl.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -509,7 +509,7 @@ checks:
rules:
- 'r:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters'
- 'r:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters -> NullSessionShares'
- 'r:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters -> NullSessionShares -> r:^$'
- 'not r:HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters -> NullSessionShares -> r:\.'

- id: 9034
title: "Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic - local users authenticate as themselves'"
Expand Down

0 comments on commit ca40ca6

Please sign in to comment.