POAM-00196
V-224994: Active Directory user accounts, including administrators, must be configured to require the use of a
Active Directory user accounts, including administrators, must be configured to require the use of a Common Access Card (CAC), Personal Identity Verification (PIV)-compliant hardware token, or Alterna...
Recommended NIST Controls
Based on keyword analysis of POA&M description
| Control | Title | Family | Action |
|---|---|---|---|
| No recommendations available (ingest NIST controls first) | | | |
Recommended STIG Rules
Based on keyword analysis of POA&M description
| Vuln ID | Title | Severity | Action |
|---|---|---|---|
| V-224819 | Users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks. | CAT I | |
| V-224821 | Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email. | CAT I | |
| V-224822 | Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | CAT II | |
| V-224825 | Shared user accounts must not be permitted on the system. | CAT II | |
| V-224826 | Windows Server 2016 must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs. | CAT II | |
| V-224827 | Windows Server 2016 domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use. | CAT II | |
| V-224830 | Servers must have a host-based intrusion detection or prevention system. | CAT II | |
| V-224832 | Permissions for the system drive root directory (usually C:\) must conform to minimum requirements. | CAT II | |
| V-224833 | Permissions for program file directories must conform to minimum requirements. | CAT II | |
| V-224834 | Permissions for the Windows installation directory must conform to minimum requirements. | CAT II | |