0 items selected
Showing 50 of 246 grouped items (247 total POA&Ms)
— Page 4 of 5
| Item # | Assets | Title | Severity | Progress | Status | Due Date | Close | Actions | |
|---|---|---|---|---|---|---|---|---|---|
| POAM-00154 | T-ESD-1 | V-224837: Outdated or unused accounts must be removed from the system or disabled. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00155 | T-ESD-1 | V-224841: Non-system-created file shares on a system must limit access to groups that require it. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00156 | T-ESD-1 | V-224923: Windows Server 2016 virtualization-based security must be enabled with the platform security level c | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00158 | T-ESD-1 | V-225016: The "Deny log on as a batch job" user right on member servers must be configured to prevent access f | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00159 | T-ESD-1 | V-225082: The Impersonate a client after authentication user right must only be assigned to Administrators, Se | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00162 | T-ESD-1 | V-218737: A private IIS 10.0 website must only accept Secure Socket Layer (SSL) connections. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00163 | T-ESD-1 | V-218738: A public IIS 10.0 website must only accept Secure Socket Layer (SSL) connections when authentication | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00164 | T-ESD-1 | V-218745: The IIS 10.0 website must have resource mappings set to disable the serving of certain file types. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00165 | T-ESD-1 | V-218748: Each IIS 10.0 website must be assigned a default host header. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00166 | T-ESD-1 | V-218752: The IIS 10.0 website document directory must be in a separate partition from the IIS 10.0 websites s | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00167 | T-ESD-1 | V-218756: Non-ASCII characters in URLs must be prohibited by any IIS 10.0 website. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00168 | T-ESD-1 | V-218758: Unlisted file extensions in URL requests must be filtered by any IIS 10.0 website. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00169 | T-ESD-1 | V-218767: The IIS 10.0 website must only accept client certificates issued by DOD PKI or DOD-approved PKI Cert | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00170 | T-ESD-1 | V-218772: The maximum number of requests an application pool can process for each IIS 10.0 website must be exp | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00173 | T-ESD-1 | V-243468: Administrators must have separate accounts specifically for managing domain member servers. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00174 | T-ESD-1 | V-243469: Administrators must have separate accounts specifically for managing domain workstations. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00176 | T-ESD-1 | V-243471: Local administrator accounts on domain systems must not share the same password. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00177 | T-ESD-1 | V-243472: Separate smart cards must be used for Enterprise Admin (EA) and Domain Admin (DA) accounts from smar | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00178 | T-ESD-1 | V-243475: Domain controllers must be blocked from Internet access. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00179 | T-ESD-1 | V-243477: User accounts with domain level administrative privileges must be members of the Protected Users gro | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00180 | T-ESD-1 | V-243487: Membership in the Group Policy Creator Owners and Incoming Forest Trust Builders groups must be limi | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00181 | T-ESD-1 | V-269097: Windows Server domain controllers must have Kerberos logging enabled with servers hosting Active Dir | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00182 | T-ESD-1 | V-243502: Membership to the Schema Admins group must be limited. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00183 | T-ESD-1 | V-243504: The Windows Time Service on the forest root PDC Emulator must be configured to acquire its time from | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00184 | T-ESD-1 | V-224842: Software certificate installation files must be removed from Windows Server 2016. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00186 | T-ESD-1 | V-224863: Orphaned security identifiers (SIDs) must be removed from user rights on Windows 2016. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00187 | T-ESD-1 | V-224940: Windows Server 2016 Windows SmartScreen must be enabled. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00188 | T-ESD-1 | V-224976: Domain controllers must run on a machine dedicated to that function. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00190 | T-ESD-1 | V-224981: The Active Directory Domain object must be configured with proper audit settings. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00191 | T-ESD-1 | V-224982: The Active Directory Infrastructure object must be configured with proper audit settings. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00192 | T-ESD-1 | V-224983: The Active Directory Domain Controllers Organizational Unit (OU) object must be configured with prop | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00193 | T-ESD-1 | V-224984: The Active Directory AdminSDHolder object must be configured with proper audit settings. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00194 | T-ESD-1 | V-224985: The Active Directory RID Manager$ object must be configured with proper audit settings. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00196 | T-ESD-1 | V-224994: Active Directory user accounts, including administrators, must be configured to require the use of a | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00197 | T-ESD-1 | V-224995: Domain controllers must require LDAP access signing. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00198 | T-ESD-1 | V-224997: The Access this computer from the network user right must only be assigned to the Administrators, Au | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00199 | T-ESD-1 | V-224998: The Add workstations to domain user right must only be assigned to the Administrators group. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00200 | T-ESD-1 | V-225072: The Allow log on locally user right must only be assigned to the Administrators group. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00201 | T-ESD-1 | V-225073: The Back up files and directories user right must only be assigned to the Administrators group. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00202 | T-ESD-1 | V-225080: The Force shutdown from a remote system user right must only be assigned to the Administrators group | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00203 | T-ESD-1 | V-225084: The Load and unload device drivers user right must only be assigned to the Administrators group. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00204 | T-ESD-1 | V-225086: The Manage auditing and security log user right must only be assigned to the Administrators group. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00205 | T-ESD-1 | V-225092: The Restore files and directories user right must only be assigned to the Administrators group. | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00207 | T-ESD-1 | V-259342: Forwarders on an authoritative Windows DNS Server, if enabled for external resolution, must forward | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00208 | T-ESD-1 | V-259357: The Windows DNS Server authoritative for local zones must only point root hints to the DNS servers t | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00209 | T-ESD-1 | V-259367: The Windows DNS Server must be configured to enforce authorized access to the corresponding private | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00210 | T-ESD-1 | V-259369: The Windows DNS Server permissions must be set so the key file can only be read or modified by the a | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00211 | T-ESD-1 | V-259405: The Windows DNS Server must, when a component failure is detected, activate a notification to the sy | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00212 | T-ESD-1 | V-259407: The Windows DNS Server must verify the correct operation of security functions upon system startup a | CAT I |
|
Open | 5 days left | View Mappings | ||
| POAM-00213 | T-ESD-1 | V-259411: The DNS server implementation must employ strong authenticators in the establishment of nonlocal mai | CAT I |
|
Open | 5 days left | View Mappings |
Page 4 of 5