STIGQter: STIG Summary: Windows 10 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:

Only accounts responsible for the backup operations must be members of the Backup Operators group.

DISA Rule

SV-220713r569187_rule

Vulnerability Number

V-220713

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

WN10-00-000075

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

Create separate accounts for backup operations for users with this privilege.

Check Contents

Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Groups.
Review the members of the Backup Operators group.

If the group contains no accounts, this is not a finding.

If the group contains any accounts, the accounts must be specifically for backup functions.

If the group contains any standard user accounts used for performing normal user tasks, this is a finding.

Vulnerability Number

V-220713

Documentable

False

Rule Version

WN10-00-000075

Severity Override Guidance

Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Groups.
Review the members of the Backup Operators group.

If the group contains no accounts, this is not a finding.

If the group contains any accounts, the accounts must be specifically for backup functions.

If the group contains any standard user accounts used for performing normal user tasks, this is a finding.

Check Content Reference

M

Target Key

4072

Comments