POAM-00092
V-224876: Windows Server 2016 must, at a minimum, offload audit records of interconnected systems in real time
Windows Server 2016 must, at a minimum, offload audit records of interconnected systems in real time and offload standalone or nondomain-joined systems weekly....
Recommended NIST Controls
Based on keyword analysis of POA&M description
| Control | Title | Family | Action |
|---|---|---|---|
| No recommendations available (ingest NIST controls first) | |||
Recommended STIG Rules
Based on keyword analysis of POA&M description
| Vuln ID | Title | Severity | Action |
|---|---|---|---|
| V-224826 | Windows Server 2016 must employ a deny-all, permit-by-exception policy to allow the execution of authorized software programs. | CAT II | |
| V-224827 | Windows Server 2016 domain-joined systems must have a Trusted Platform Module (TPM) enabled and ready for use. | CAT II | |
| V-224829 | The Windows Server 2016 system must use an anti-virus program. | CAT I | |
| V-224831 | Local volumes must use a format that supports NTFS attributes. | CAT I | |
| V-224834 | Permissions for the Windows installation directory must conform to minimum requirements. | CAT II | |
| V-224835 | Default permissions for the HKEY_LOCAL_MACHINE registry hive must be maintained. | CAT II | |
| V-224836 | Non-administrative accounts or groups must only have print permissions on printer shares. | CAT III | |
| V-224838 | Windows Server 2016 accounts must require passwords. | CAT II | |
| V-224842 | Software certificate installation files must be removed from Windows Server 2016. | CAT II | |
| V-224843 | Systems requiring data at rest protections must employ cryptographic mechanisms to prevent unauthorized disclosure and modification of the information at rest. | CAT I |