STIGQter: STIG Summary: Microsoft Windows Server 2016 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021: STIGQter: STIG Summary: Microsoft Windows Server 2016 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:SV-224921r569186_rule
V-224921
SRG-OS-000480-GPOS-00227
WN16-CC-000090
CAT II
10
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Network Provider >> "Hardened UNC Paths" to "Enabled" with at least the following configured in "Hardened UNC Paths": (click the "Show" button to display)
Value Name: \\*\SYSVOL
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Value Name: \\*\NETLOGON
Value: RequireMutualAuthentication=1, RequireIntegrity=1
This requirement is applicable to domain-joined systems. For standalone systems, this is NA.
If the following registry values do not exist or are not configured as specified, this is a finding.
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\
Value Name: \\*\NETLOGON
Value Type: REG_SZ
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Value Name: \\*\SYSVOL
Value Type: REG_SZ
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Additional entries would not be a finding.
V-224921
False
WN16-CC-000090
This requirement is applicable to domain-joined systems. For standalone systems, this is NA.
If the following registry values do not exist or are not configured as specified, this is a finding.
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\
Value Name: \\*\NETLOGON
Value Type: REG_SZ
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Value Name: \\*\SYSVOL
Value Type: REG_SZ
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Additional entries would not be a finding.
M
4205