STIGQter STIGQter: STIG Summary: Windows Server 2019 Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 24 Jan 2020: Windows Server 2019 administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email.

DISA Rule

SV-103293r1_rule

Vulnerability Number

V-93205

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

WN19-00-000030

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Establish a policy, at minimum, to prohibit administrative accounts from using applications that access the Internet, such as web browsers, or with potential Internet sources, such as email. Ensure the policy is enforced.

The organization may use technical means such as whitelisting to prevent the use of browsers and mail applications to enforce this requirement.

Check Contents

Determine whether organization policy, at a minimum, prohibits administrative accounts from using applications that access the Internet, such as web browsers, or with potential Internet sources, such as email, except as necessary for local service administration.

If it does not, this is a finding.

The organization may use technical means such as whitelisting to prevent the use of browsers and mail applications to enforce this requirement.

Vulnerability Number

V-93205

Documentable

False

Rule Version

WN19-00-000030

Severity Override Guidance

Determine whether organization policy, at a minimum, prohibits administrative accounts from using applications that access the Internet, such as web browsers, or with potential Internet sources, such as email, except as necessary for local service administration.

If it does not, this is a finding.

The organization may use technical means such as whitelisting to prevent the use of browsers and mail applications to enforce this requirement.

Check Content Reference

M

Target Key

3483

Comments