STIGQter STIGQter: STIG Summary: Windows 2008 Member Server Security Technical Implementation Guide Version: 6 Release: 43 Benchmark Date: 26 Jul 2019: Terminal Services – Smart Card Device Redirection Enabled (Terminal Server Role).

DISA Rule

SV-16944r1_rule

Vulnerability Number

V-16000

Group Title

TS/RDS – Smart Card Device Redirection

Rule Version

5.077

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Configure the policy value for Computer Configuration -> Administrative Templates -> Windows Components -> Terminal Services -> Terminal Server -> Device and Resource Redirection “Do not allow smart card device redirection” to “Disabled”.

Check Contents

If the following registry value doesn’t exist or is not configured as specified, this is a finding:

Registry Hive: HKEY_LOCAL_MACHINE
Subkey: \Software\Policies\Microsoft\Windows NT\Terminal Services\

Value Name: fEnableSmartCard

Type: REG_DWORD
Value: 1

Vulnerability Number

V-16000

Documentable

False

Rule Version

5.077

Severity Override Guidance

If the following registry value doesn’t exist or is not configured as specified, this is a finding:

Registry Hive: HKEY_LOCAL_MACHINE
Subkey: \Software\Policies\Microsoft\Windows NT\Terminal Services\

Value Name: fEnableSmartCard

Type: REG_DWORD
Value: 1

Check Content Reference

M

Responsibility

System Administrator

Target Key

1340

Comments