POAM-00247
CSI Prep Deliverable: Final Logistics
Visit Requests and additional logistics sent to site. OCA provides site reciprocity memo for NIPR/SIPR user accounts....
Recommended NIST Controls
Based on keyword analysis of POA&M description
| Control | Title | Family | Action |
|---|---|---|---|
| No recommendations available (ingest NIST controls first) | | | |
Recommended STIG Rules
Based on keyword analysis of POA&M description
| Vuln ID | Title | Severity | Action |
|---|---|---|---|
| V-224819 | Users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks. | CAT I | |
| V-224821 | Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email. | CAT I | |
| V-224822 | Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks. | CAT II | |
| V-224825 | Shared user accounts must not be permitted on the system. | CAT II | |
| V-224826 | Windows Server 2016 must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs. | CAT II | |
| V-224830 | Servers must have a host-based intrusion detection or prevention system. | CAT II | |
| V-224832 | Permissions for the system drive root directory (usually C:\) must conform to minimum requirements. | CAT II | |
| V-224833 | Permissions for program file directories must conform to minimum requirements. | CAT II | |
| V-224834 | Permissions for the Windows installation directory must conform to minimum requirements. | CAT II | |
| V-224836 | Non-administrative accounts or groups must only have print permissions on printer shares. | CAT III | |