STIGQter STIGQter: STIG Summary: Microsoft Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide Version: 3 Release: 2 Benchmark Date: 04 May 2021:

Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email.

DISA Rule

SV-225244r569185_rule

Vulnerability Number

V-225244

Group Title

SRG-OS-000480-GPOS-00227

Rule Version

WN12-00-000008

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Establish and enforce a policy that prohibits administrative accounts from using applications that access the Internet, such as web browsers, or with potential Internet sources, such as email. Define specific exceptions for local service administration. These exceptions may include HTTP(S)-based tools that are used for the administration of the local system, services, or attached devices.

Implement technical measures where feasible such as removal of applications or use of application whitelisting to restrict the use of applications that can access the Internet.

Check Contents

Determine whether administrative accounts are prevented from using applications that access the Internet, such as web browsers, or with potential Internet sources, such as email, except as necessary for local service administration.

The organization must have a policy that prohibits administrative accounts from using applications that access the Internet, such as web browsers, or with potential Internet sources, such as email, except as necessary for local service administration. The policy should define specific exceptions for local service administration. These exceptions may include HTTP(S)-based tools that are used for the administration of the local system, services, or attached devices.

Technical measures such as the removal of applications or application whitelisting must be used where feasible to prevent the use of applications that access the Internet.

If accounts with administrative privileges are not prevented from using applications that access the Internet or with potential Internet sources, this is a finding.

Vulnerability Number

V-225244

Documentable

False

Rule Version

WN12-00-000008

Severity Override Guidance

Determine whether administrative accounts are prevented from using applications that access the Internet, such as web browsers, or with potential Internet sources, such as email, except as necessary for local service administration.

The organization must have a policy that prohibits administrative accounts from using applications that access the Internet, such as web browsers, or with potential Internet sources, such as email, except as necessary for local service administration. The policy should define specific exceptions for local service administration. These exceptions may include HTTP(S)-based tools that are used for the administration of the local system, services, or attached devices.

Technical measures such as the removal of applications or application whitelisting must be used where feasible to prevent the use of applications that access the Internet.

If accounts with administrative privileges are not prevented from using applications that access the Internet or with potential Internet sources, this is a finding.

Check Content Reference

M

Target Key

4214

Comments