USNS MONTFORD POINT - Findings

V-224867 CAT II Windows Server 2016 must have the number of allowed bad logo...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 41AA04D471372F76F2904EE0EF5CA66462310C29 ~~~~~ 'Account lockout threshold' is Configured LockoutBadCount: 3 Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 41AA04D471372F76F2904EE0EF5CA66462310C29 ~~~~~ 'Account lockout threshold' is Configured LockoutBadCount: 3 Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 41AA04D471372F76F2904EE0EF5CA66462310C29 ~~~~~ 'Account lockout threshold' is Configured LockoutBadCount: 3 Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 41AA04D471372F76F2904EE0EF5CA66462310C29 ~~~~~ 'Account lockout threshold' is Configured LockoutBadCount: 3 Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 41AA04D471372F76F2904EE0EF5CA66462310C29 ~~~~~ 'Account lockout threshold' is Configured LockoutBadCount: 3 Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 41AA04D471372F76F2904EE0EF5CA66462310C29 ~~~~~ 'Account lockout threshold' is Configured LockoutBadCount: 3 Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 41AA04D471372F76F2904EE0EF5CA66462310C29 ~~~~~ 'Account lockout threshold' is Configured LockoutBadCount: 3 Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 41AA04D471372F76F2904EE0EF5CA66462310C29 ~~~~~ 'Account lockout threshold' is Configured LockoutBadCount: 3 Comments

Check Text

Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Account Lockout Policy. If the "Account lockout threshold" is "0" or more than "3" attempts, this is a finding. For server core installations, run the following command: Secedit /Export /Areas SecurityPolicy /CFG C:\Path\FileName.Txt If "LockoutBadCount" equals "0" or is greater than "3" in the file, this is a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Account Lockout Policy >> "Account lockout threshold" to "3" or fewer invalid logon attempts (excluding "0", which is unacceptable).

V-224868 CAT II Windows Server 2016 must have the period of time before the ...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C7A0EE0ADBB8B8A24BDEA6EC108E7DA83CCEAB1C ~~~~~ 'Reset account lockout counter after' is Configured ResetLockoutCount: 15 Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C7A0EE0ADBB8B8A24BDEA6EC108E7DA83CCEAB1C ~~~~~ 'Reset account lockout counter after' is Configured ResetLockoutCount: 15 Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C7A0EE0ADBB8B8A24BDEA6EC108E7DA83CCEAB1C ~~~~~ 'Reset account lockout counter after' is Configured ResetLockoutCount: 15 Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 37DB4D8F6270B14CA1853DDFD4F69D80CBDA1158 ~~~~~ 'Reset account lockout counter after' is Configured ResetLockoutCount: 60 Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C7A0EE0ADBB8B8A24BDEA6EC108E7DA83CCEAB1C ~~~~~ 'Reset account lockout counter after' is Configured ResetLockoutCount: 15 Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 37DB4D8F6270B14CA1853DDFD4F69D80CBDA1158 ~~~~~ 'Reset account lockout counter after' is Configured ResetLockoutCount: 60 Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C7A0EE0ADBB8B8A24BDEA6EC108E7DA83CCEAB1C ~~~~~ 'Reset account lockout counter after' is Configured ResetLockoutCount: 15 Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: C7A0EE0ADBB8B8A24BDEA6EC108E7DA83CCEAB1C ~~~~~ 'Reset account lockout counter after' is Configured ResetLockoutCount: 15 Comments

Check Text

Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Account Lockout Policy. If the "Reset account lockout counter after" value is less than "15" minutes, this is a finding. For server core installations, run the following command: Secedit /Export /Areas SecurityPolicy /CFG C:\Path\FileName.Txt If "ResetLockoutCount" is less than "15" in the file, this is a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Account Lockout Policy >> "Reset account lockout counter after" to at least "15" minutes.

V-224869 CAT II Windows Server 2016 password history must be configured to 2...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3D66E73980452DD8BD3CA8FE1C7ACB35BFFBF1E0 ~~~~~ 'Enforce password history' is Configured PasswordHistorySize: 24 Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3D66E73980452DD8BD3CA8FE1C7ACB35BFFBF1E0 ~~~~~ 'Enforce password history' is Configured PasswordHistorySize: 24 Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3D66E73980452DD8BD3CA8FE1C7ACB35BFFBF1E0 ~~~~~ 'Enforce password history' is Configured PasswordHistorySize: 24 Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3D66E73980452DD8BD3CA8FE1C7ACB35BFFBF1E0 ~~~~~ 'Enforce password history' is Configured PasswordHistorySize: 24 Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3D66E73980452DD8BD3CA8FE1C7ACB35BFFBF1E0 ~~~~~ 'Enforce password history' is Configured PasswordHistorySize: 24 Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3D66E73980452DD8BD3CA8FE1C7ACB35BFFBF1E0 ~~~~~ 'Enforce password history' is Configured PasswordHistorySize: 24 Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3D66E73980452DD8BD3CA8FE1C7ACB35BFFBF1E0 ~~~~~ 'Enforce password history' is Configured PasswordHistorySize: 24 Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3D66E73980452DD8BD3CA8FE1C7ACB35BFFBF1E0 ~~~~~ 'Enforce password history' is Configured PasswordHistorySize: 24 Comments

Check Text

Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy. If the value for "Enforce password history" is less than "24" passwords remembered, this is a finding. For server core installations, run the following command: Secedit /Export /Areas SecurityPolicy /CFG C:\Path\FileName.Txt If "PasswordHistorySize" is less than "24" in the file, this is a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy >> "Enforce password history" to "24" passwords remembered.

V-224870 CAT II Windows Server 2016 maximum password age must be configured ...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCF0D84A66291D6B08E64E7CDECB346B977B8E44 ~~~~~ 'Maximum Password Age' is Configured MaximumPasswordAge: 60 Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCF0D84A66291D6B08E64E7CDECB346B977B8E44 ~~~~~ 'Maximum Password Age' is Configured MaximumPasswordAge: 60 Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCF0D84A66291D6B08E64E7CDECB346B977B8E44 ~~~~~ 'Maximum Password Age' is Configured MaximumPasswordAge: 60 Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCF0D84A66291D6B08E64E7CDECB346B977B8E44 ~~~~~ 'Maximum Password Age' is Configured MaximumPasswordAge: 60 Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCF0D84A66291D6B08E64E7CDECB346B977B8E44 ~~~~~ 'Maximum Password Age' is Configured MaximumPasswordAge: 60 Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCF0D84A66291D6B08E64E7CDECB346B977B8E44 ~~~~~ 'Maximum Password Age' is Configured MaximumPasswordAge: 60 Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCF0D84A66291D6B08E64E7CDECB346B977B8E44 ~~~~~ 'Maximum Password Age' is Configured MaximumPasswordAge: 60 Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCF0D84A66291D6B08E64E7CDECB346B977B8E44 ~~~~~ 'Maximum Password Age' is Configured MaximumPasswordAge: 60 Comments

Check Text

Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy. If the value for the "Maximum password age" is greater than "60" days, this is a finding. If the value is set to "0" (never expires), this is a finding. For server core installations, run the following command: Secedit /Export /Areas SecurityPolicy /CFG C:\Path\FileName.Txt If "MaximumPasswordAge" is greater than "60" or equal to "0" in the file, this is a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy >> "Maximum password age" to "60" days or less (excluding "0", which is unacceptable).

V-224871 CAT II Windows Server 2016 minimum password age must be configured ...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E9E63FACC0D99C86CB8F91687EDAD046854EBCD0 ~~~~~ 'Minimum password age' is Configured MinimumPasswordAge: 1 Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E9E63FACC0D99C86CB8F91687EDAD046854EBCD0 ~~~~~ 'Minimum password age' is Configured MinimumPasswordAge: 1 Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E9E63FACC0D99C86CB8F91687EDAD046854EBCD0 ~~~~~ 'Minimum password age' is Configured MinimumPasswordAge: 1 Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E9E63FACC0D99C86CB8F91687EDAD046854EBCD0 ~~~~~ 'Minimum password age' is Configured MinimumPasswordAge: 1 Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E9E63FACC0D99C86CB8F91687EDAD046854EBCD0 ~~~~~ 'Minimum password age' is Configured MinimumPasswordAge: 1 Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E9E63FACC0D99C86CB8F91687EDAD046854EBCD0 ~~~~~ 'Minimum password age' is Configured MinimumPasswordAge: 1 Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E9E63FACC0D99C86CB8F91687EDAD046854EBCD0 ~~~~~ 'Minimum password age' is Configured MinimumPasswordAge: 1 Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E9E63FACC0D99C86CB8F91687EDAD046854EBCD0 ~~~~~ 'Minimum password age' is Configured MinimumPasswordAge: 1 Comments

Check Text

Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy. If the value for the "Minimum password age" is set to "0" days ("Password can be changed immediately"), this is a finding. For server core installations, run the following command: Secedit /Export /Areas SecurityPolicy /CFG C:\Path\FileName.Txt If "MinimumPasswordAge" equals "0" in the file, this is a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy >> "Minimum password age" to at least "1" day.

V-224872 CAT II Windows Server 2016 minimum password length must be configur...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6BE08ACAB8AD3365003019D2702FDF3075E0F32E ~~~~~ 'Minimum password length' is Configured MinimumPasswordLength: 14 Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6BE08ACAB8AD3365003019D2702FDF3075E0F32E ~~~~~ 'Minimum password length' is Configured MinimumPasswordLength: 14 Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6BE08ACAB8AD3365003019D2702FDF3075E0F32E ~~~~~ 'Minimum password length' is Configured MinimumPasswordLength: 14 Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6BE08ACAB8AD3365003019D2702FDF3075E0F32E ~~~~~ 'Minimum password length' is Configured MinimumPasswordLength: 14 Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6BE08ACAB8AD3365003019D2702FDF3075E0F32E ~~~~~ 'Minimum password length' is Configured MinimumPasswordLength: 14 Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6BE08ACAB8AD3365003019D2702FDF3075E0F32E ~~~~~ 'Minimum password length' is Configured MinimumPasswordLength: 14 Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6BE08ACAB8AD3365003019D2702FDF3075E0F32E ~~~~~ 'Minimum password length' is Configured MinimumPasswordLength: 14 Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6BE08ACAB8AD3365003019D2702FDF3075E0F32E ~~~~~ 'Minimum password length' is Configured MinimumPasswordLength: 14 Comments

Check Text

Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy. If the value for the "Minimum password length," is less than "14" characters, this is a finding. For server core installations, run the following command: Secedit /Export /Areas SecurityPolicy /CFG C:\Path\FileName.Txt If "MinimumPasswordLength" is less than "14" in the file, this is a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy >> "Minimum password length" to "14" characters.

V-224873 CAT II Windows Server 2016 must have the built-in Windows password ...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3254975B2BFF298E56535B14B1F167FECB6E84E0 ~~~~~ 'Password must meet complexity requirements' is Enabled PasswordComplexity: 1 Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3254975B2BFF298E56535B14B1F167FECB6E84E0 ~~~~~ 'Password must meet complexity requirements' is Enabled PasswordComplexity: 1 Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3254975B2BFF298E56535B14B1F167FECB6E84E0 ~~~~~ 'Password must meet complexity requirements' is Enabled PasswordComplexity: 1 Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3254975B2BFF298E56535B14B1F167FECB6E84E0 ~~~~~ 'Password must meet complexity requirements' is Enabled PasswordComplexity: 1 Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3254975B2BFF298E56535B14B1F167FECB6E84E0 ~~~~~ 'Password must meet complexity requirements' is Enabled PasswordComplexity: 1 Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3254975B2BFF298E56535B14B1F167FECB6E84E0 ~~~~~ 'Password must meet complexity requirements' is Enabled PasswordComplexity: 1 Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3254975B2BFF298E56535B14B1F167FECB6E84E0 ~~~~~ 'Password must meet complexity requirements' is Enabled PasswordComplexity: 1 Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3254975B2BFF298E56535B14B1F167FECB6E84E0 ~~~~~ 'Password must meet complexity requirements' is Enabled PasswordComplexity: 1 Comments

Check Text

Verify the effective setting in Local Group Policy Editor. Run "gpedit.msc". Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy. If the value for "Password must meet complexity requirements" is not set to "Enabled", this is a finding. For server core installations, run the following command: Secedit /Export /Areas SecurityPolicy /CFG C:\Path\FileName.Txt If "PasswordComplexity" equals "0" in the file, this is a finding. Note: If an external password filter is in use that enforces all four character types and requires this setting to be set to "Disabled", this would not be considered a finding. If this setting does not affect the use of an external password filter, it must be enabled for fallback purposes.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Account Policies >> Password Policy >> "Password must meet complexity requirements" to "Enabled".

V-224877 CAT II Permissions for the Application event log must prevent acces...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CDBFD3690EC549DDFFFB51C92201C493EF00B4B ~~~~~ C:\windows\System32\Winevt\Logs\Application.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments

Check Text

Navigate to the Application event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Application.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control

Fix Text

Configure the permissions on the Application event log file (Application.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog".

V-224878 CAT II Permissions for the Security event log must prevent access b...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: CE8AA1E475C7721743E3AFFD73B09912D17D565D ~~~~~ C:\windows\System32\Winevt\Logs\Security.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments

Check Text

Navigate to the Security event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "Security.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control

Fix Text

Configure the permissions on the Security event log file (Security.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog".

V-224879 CAT II Permissions for the System event log must prevent access by ...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 46DB62D699DC003F8072DA5CA34FBB2DDC3ED53D ~~~~~ C:\windows\System32\Winevt\Logs\System.evtx --------------------- Default permissions are in place. Current ACL: NT SERVICE\EventLog:(I)(F) NT AUTHORITY\SYSTEM:(I)(F) BUILTIN\Administrators:(I)(F) --------------------- Comments

Check Text

Navigate to the System event log file. The default location is the "%SystemRoot%\System32\winevt\Logs" folder. However, the logs may have been moved to another folder. If the permissions for the "System.evtx" file are not as restrictive as the default permissions listed below, this is a finding. Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control

Fix Text

Configure the permissions on the System event log file (System.evtx) to prevent access by non-privileged accounts. The default permissions listed below satisfy this requirement: Eventlog - Full Control SYSTEM - Full Control Administrators - Full Control The default location is the "%SystemRoot%\ System32\winevt\Logs" folder. If the location of the logs has been changed, when adding Eventlog to the permissions, it must be entered as "NT Service\Eventlog".

V-224880 CAT II Event Viewer must be protected from unauthorized modificatio...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D498FC26C7A728A8C963392572020FED8F3CD5A2 ~~~~~ C:\windows\System32\Eventvwr.exe --------------------- Default permissions are in place. Current ACL: NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX) APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX) --------------------- Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D498FC26C7A728A8C963392572020FED8F3CD5A2 ~~~~~ C:\windows\System32\Eventvwr.exe --------------------- Default permissions are in place. Current ACL: NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX) APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX) --------------------- Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D498FC26C7A728A8C963392572020FED8F3CD5A2 ~~~~~ C:\windows\System32\Eventvwr.exe --------------------- Default permissions are in place. Current ACL: NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX) APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX) --------------------- Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D498FC26C7A728A8C963392572020FED8F3CD5A2 ~~~~~ C:\windows\System32\Eventvwr.exe --------------------- Default permissions are in place. Current ACL: NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX) APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX) --------------------- Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D498FC26C7A728A8C963392572020FED8F3CD5A2 ~~~~~ C:\windows\System32\Eventvwr.exe --------------------- Default permissions are in place. Current ACL: NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX) APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX) --------------------- Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D498FC26C7A728A8C963392572020FED8F3CD5A2 ~~~~~ C:\windows\System32\Eventvwr.exe --------------------- Default permissions are in place. Current ACL: NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX) APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX) --------------------- Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D498FC26C7A728A8C963392572020FED8F3CD5A2 ~~~~~ C:\windows\System32\Eventvwr.exe --------------------- Default permissions are in place. Current ACL: NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX) APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX) --------------------- Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: D498FC26C7A728A8C963392572020FED8F3CD5A2 ~~~~~ C:\windows\System32\Eventvwr.exe --------------------- Default permissions are in place. Current ACL: NT SERVICE\TrustedInstaller:(F) BUILTIN\Administrators:(RX) NT AUTHORITY\SYSTEM:(RX) BUILTIN\Users:(RX) APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES:(RX) APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES:(RX) --------------------- Comments

Check Text

Navigate to "%SystemRoot%\System32". View the permissions on "Eventvwr.exe". If any groups or accounts other than TrustedInstaller have "Full control" or "Modify" permissions, this is a finding. The default permissions below satisfy this requirement: TrustedInstaller - Full Control Administrators, SYSTEM, Users, ALL APPLICATION PACKAGES, ALL RESTRICTED APPLICATION PACKAGES - Read & Execute

Fix Text

Configure the permissions on the "Eventvwr.exe" file to prevent modification by any groups or accounts other than TrustedInstaller. The default permissions listed below satisfy this requirement: TrustedInstaller - Full Control Administrators, SYSTEM, Users, ALL APPLICATION PACKAGES, ALL RESTRICTED APPLICATION PACKAGES - Read & Execute The default location is the "%SystemRoot%\ System32" folder.

V-224881 CAT II Windows Server 2016 must be configured to audit Account Logo...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Account Logon >> Credential Validation - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Account Logon >> "Audit Credential Validation" with "Success" selected.

V-224882 CAT II Windows Server 2016 must be configured to audit Account Logo...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7DF341CB41A0B60FB92B392D3AA616EB0F8C60 ~~~~~ Credential Validation: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Account Logon >> Credential Validation - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Account Logon >> "Audit Credential Validation" with "Failure" selected.

V-224883 CAT II Windows Server 2016 must be configured to audit Account Mana...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9A6F552FAB98CF8F94D1E6F6BD0061408022D4E5 ~~~~~ Other Account Management Events: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9A6F552FAB98CF8F94D1E6F6BD0061408022D4E5 ~~~~~ Other Account Management Events: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9A6F552FAB98CF8F94D1E6F6BD0061408022D4E5 ~~~~~ Other Account Management Events: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9A6F552FAB98CF8F94D1E6F6BD0061408022D4E5 ~~~~~ Other Account Management Events: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9A6F552FAB98CF8F94D1E6F6BD0061408022D4E5 ~~~~~ Other Account Management Events: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9A6F552FAB98CF8F94D1E6F6BD0061408022D4E5 ~~~~~ Other Account Management Events: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9A6F552FAB98CF8F94D1E6F6BD0061408022D4E5 ~~~~~ Other Account Management Events: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 9A6F552FAB98CF8F94D1E6F6BD0061408022D4E5 ~~~~~ Other Account Management Events: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Account Management >> Other Account Management Events - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Account Management >> "Audit Other Account Management Events" with "Success" selected.

V-224884 CAT II Windows Server 2016 must be configured to audit Account Mana...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E026B0CB713D941C6AC9CDB0976AD1DDCB8564DE ~~~~~ Security Group Management: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E026B0CB713D941C6AC9CDB0976AD1DDCB8564DE ~~~~~ Security Group Management: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E026B0CB713D941C6AC9CDB0976AD1DDCB8564DE ~~~~~ Security Group Management: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E026B0CB713D941C6AC9CDB0976AD1DDCB8564DE ~~~~~ Security Group Management: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E026B0CB713D941C6AC9CDB0976AD1DDCB8564DE ~~~~~ Security Group Management: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E026B0CB713D941C6AC9CDB0976AD1DDCB8564DE ~~~~~ Security Group Management: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E026B0CB713D941C6AC9CDB0976AD1DDCB8564DE ~~~~~ Security Group Management: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: E026B0CB713D941C6AC9CDB0976AD1DDCB8564DE ~~~~~ Security Group Management: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Account Management >> Security Group Management - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Account Management >> "Audit Security Group Management" with "Success" selected.

V-224885 CAT II Windows Server 2016 must be configured to audit Account Mana...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Account Management >> User Account Management - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Account Management >> "Audit User Account Management" with "Success" selected.

V-224886 CAT II Windows Server 2016 must be configured to audit Account Mana...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 3AA7E01468B70DEFA406DABDAF58FAD0F1E7BE63 ~~~~~ User Account Management: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Account Management >> User Account Management - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Account Management >> "Audit User Account Management" with "Failure" selected.

V-224887 CAT II Windows Server 2016 must be configured to audit Detailed Tra...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCA308C4975262F51F29DAED106C291E8960644D ~~~~~ Plug and Play Events: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCA308C4975262F51F29DAED106C291E8960644D ~~~~~ Plug and Play Events: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCA308C4975262F51F29DAED106C291E8960644D ~~~~~ Plug and Play Events: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCA308C4975262F51F29DAED106C291E8960644D ~~~~~ Plug and Play Events: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCA308C4975262F51F29DAED106C291E8960644D ~~~~~ Plug and Play Events: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCA308C4975262F51F29DAED106C291E8960644D ~~~~~ Plug and Play Events: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCA308C4975262F51F29DAED106C291E8960644D ~~~~~ Plug and Play Events: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DCA308C4975262F51F29DAED106C291E8960644D ~~~~~ Plug and Play Events: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*" Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Detailed Tracking >> Plug and Play Events - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Detailed Tracking >> "Audit PNP Activity" with "Success" selected.

V-224888 CAT II Windows Server 2016 must be configured to audit Detailed Tra...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 812B92C97F6B9D7E16F6294B301DF81AC57720AA ~~~~~ Process Creation: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 812B92C97F6B9D7E16F6294B301DF81AC57720AA ~~~~~ Process Creation: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 812B92C97F6B9D7E16F6294B301DF81AC57720AA ~~~~~ Process Creation: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 812B92C97F6B9D7E16F6294B301DF81AC57720AA ~~~~~ Process Creation: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 812B92C97F6B9D7E16F6294B301DF81AC57720AA ~~~~~ Process Creation: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 812B92C97F6B9D7E16F6294B301DF81AC57720AA ~~~~~ Process Creation: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 812B92C97F6B9D7E16F6294B301DF81AC57720AA ~~~~~ Process Creation: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 812B92C97F6B9D7E16F6294B301DF81AC57720AA ~~~~~ Process Creation: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Detailed Tracking >> Process Creation - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Detailed Tracking >> "Audit Process Creation" with "Success" selected.

V-224890 CAT II Windows Server 2016 must be configured to audit Logon/Logoff...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2E746D5F43EB8C3F77B80B54409F13AC35713399 ~~~~~ Account Lockout: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2E746D5F43EB8C3F77B80B54409F13AC35713399 ~~~~~ Account Lockout: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2E746D5F43EB8C3F77B80B54409F13AC35713399 ~~~~~ Account Lockout: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2E746D5F43EB8C3F77B80B54409F13AC35713399 ~~~~~ Account Lockout: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2E746D5F43EB8C3F77B80B54409F13AC35713399 ~~~~~ Account Lockout: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2E746D5F43EB8C3F77B80B54409F13AC35713399 ~~~~~ Account Lockout: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2E746D5F43EB8C3F77B80B54409F13AC35713399 ~~~~~ Account Lockout: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2E746D5F43EB8C3F77B80B54409F13AC35713399 ~~~~~ Account Lockout: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*" Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Logon/Logoff >> Account Lockout - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Logon/Logoff >> "Audit Account Lockout" with "Failure" selected.

V-224891 CAT II Windows Server 2016 must be configured to audit Logon/Logoff...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6318D6520C67CFD4EB30011DEB0BCAC76DCB6CC8 ~~~~~ Group Membership: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6318D6520C67CFD4EB30011DEB0BCAC76DCB6CC8 ~~~~~ Group Membership: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6318D6520C67CFD4EB30011DEB0BCAC76DCB6CC8 ~~~~~ Group Membership: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6318D6520C67CFD4EB30011DEB0BCAC76DCB6CC8 ~~~~~ Group Membership: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6318D6520C67CFD4EB30011DEB0BCAC76DCB6CC8 ~~~~~ Group Membership: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6318D6520C67CFD4EB30011DEB0BCAC76DCB6CC8 ~~~~~ Group Membership: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6318D6520C67CFD4EB30011DEB0BCAC76DCB6CC8 ~~~~~ Group Membership: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6318D6520C67CFD4EB30011DEB0BCAC76DCB6CC8 ~~~~~ Group Membership: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*" Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Logon/Logoff >> Group Membership - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Logon/Logoff >> "Audit Group Membership" with "Success" selected.

V-224892 CAT II Windows Server 2016 must be configured to audit Logon/Logoff...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7A950E7532BE5A2E4F09E8A1E67C0FDAF4E8851D ~~~~~ Logoff: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7A950E7532BE5A2E4F09E8A1E67C0FDAF4E8851D ~~~~~ Logoff: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7A950E7532BE5A2E4F09E8A1E67C0FDAF4E8851D ~~~~~ Logoff: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7A950E7532BE5A2E4F09E8A1E67C0FDAF4E8851D ~~~~~ Logoff: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7A950E7532BE5A2E4F09E8A1E67C0FDAF4E8851D ~~~~~ Logoff: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7A950E7532BE5A2E4F09E8A1E67C0FDAF4E8851D ~~~~~ Logoff: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7A950E7532BE5A2E4F09E8A1E67C0FDAF4E8851D ~~~~~ Logoff: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7A950E7532BE5A2E4F09E8A1E67C0FDAF4E8851D ~~~~~ Logoff: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Logon/Logoff >> Logoff - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Logon/Logoff >> "Audit Logoff" with "Success" selected.

V-224893 CAT II Windows Server 2016 must be configured to audit Logon/Logoff...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Logon/Logoff >> Logon - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Logon/Logoff >> "Audit Logon" with "Success" selected.

V-224894 CAT II Windows Server 2016 must be configured to audit Logon/Logoff...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 6557C8974FEC4237F5E900001DCA960F93582900 ~~~~~ Logon: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Logon/Logoff >> Logon - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Logon/Logoff >> "Audit Logon" with "Failure" selected.

V-224895 CAT II Windows Server 2016 must be configured to audit Logon/Logoff...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA41DFC702C29EE8A4A2E9FCA6F596F4BCEB5161 ~~~~~ Special Logon: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA41DFC702C29EE8A4A2E9FCA6F596F4BCEB5161 ~~~~~ Special Logon: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA41DFC702C29EE8A4A2E9FCA6F596F4BCEB5161 ~~~~~ Special Logon: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA41DFC702C29EE8A4A2E9FCA6F596F4BCEB5161 ~~~~~ Special Logon: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA41DFC702C29EE8A4A2E9FCA6F596F4BCEB5161 ~~~~~ Special Logon: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA41DFC702C29EE8A4A2E9FCA6F596F4BCEB5161 ~~~~~ Special Logon: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA41DFC702C29EE8A4A2E9FCA6F596F4BCEB5161 ~~~~~ Special Logon: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA41DFC702C29EE8A4A2E9FCA6F596F4BCEB5161 ~~~~~ Special Logon: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Logon/Logoff >> Special Logon - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Logon/Logoff >> "Audit Special Logon" with "Success" selected.

V-224896 CAT II Windows 2016 must be configured to audit Object Access - Oth...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the "AuditPol" tool to review the current Audit Policy configuration: Open "PowerShell" or a "Command Prompt" with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*" Compare the "AuditPol" settings with the following: If the system does not audit the following, this is a finding. Object Access >> Other Object Access Events - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Object Access >> "Audit Other Object Access Events" with "Success" selected.

V-224897 CAT II Windows 2016 must be configured to audit Object Access - Oth...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 11B3505989ED9CB1A87C28ADEB0006351D13AF0E ~~~~~ Other Object Access Events: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the "AuditPol" tool to review the current Audit Policy configuration: Open "PowerShell" or a "Command Prompt" with elevated privileges ("Run as Administrator"). Enter "AuditPol /get /category:*" Compare the "AuditPol" settings with the following: If the system does not audit the following, this is a finding. Object Access >> Other Object Access Events - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Object Access >> "Audit Other Object Access Events" with "Failure" selected.

V-224898 CAT II Windows Server 2016 must be configured to audit Object Acces...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Object Access >> Removable Storage - Success Virtual machines or systems that use network attached storage may generate excessive audit events for secondary virtual drives or the network attached storage when this setting is enabled. This may be set to Not Configured in such cases and would not be a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Object Access >> "Audit Removable Storage" with "Success" selected.

V-224899 CAT II Windows Server 2016 must be configured to audit Object Acces...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 2407B24433D2B954716743C3A3B170CD2F14F60B ~~~~~ Removable Storage: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Object Access >> Removable Storage - Failure Virtual machines or systems that use network attached storage may generate excessive audit events for secondary virtual drives or the network attached storage when this setting is enabled. This may be set to Not Configured in such cases and would not be a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Object Access >> "Audit Removable Storage" with "Failure" selected.

V-224900 CAT II Windows Server 2016 must be configured to audit Policy Chang...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Policy Change >> Audit Policy Change - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Policy Change >> "Audit Audit Policy Change" with "Success" selected.

V-224901 CAT II Windows Server 2016 must be configured to audit Policy Chang...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 97A2C29533741E815089838C552EA7A8C711908D ~~~~~ Audit Policy Change: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Policy Change >> Audit Policy Change - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Policy Change >> "Audit Audit Policy Change" with "Failure" selected.

V-224902 CAT II Windows Server 2016 must be configured to audit Policy Chang...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Policy Change >> Authentication Policy Change - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Policy Change >> "Audit Authentication Policy Change" with "Success" selected.

V-224903 CAT II Windows Server 2016 must be configured to audit Policy Chang...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74E73B7E4CAE038B8D1A0EEE0B6B63A38790EF6E ~~~~~ Authentication Policy Change: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Policy Change >> Authorization Policy Change - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Policy Change >> "Audit Authorization Policy Change" with "Success" selected.

V-224904 CAT II Windows Server 2016 must be configured to audit Privilege Us...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Privilege Use >> Sensitive Privilege Use - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> "Audit Sensitive Privilege Use" with "Success" selected.

V-224905 CAT II Windows Server 2016 must be configured to audit Privilege Us...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 5ADFCE8D22838148E00425A6936CEA3800FE7AA9 ~~~~~ Sensitive Privilege Use: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. Privilege Use >> Sensitive Privilege Use - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> "Audit Sensitive Privilege Use" with "Failure" selected.

V-224906 CAT II Windows Server 2016 must be configured to audit System - IPs...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. System >> IPsec Driver - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit IPsec Driver" with "Success" selected.

V-224907 CAT II Windows Server 2016 must be configured to audit System - IPs...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: DA7397241EC5F3DE27CBE7655B73C2C623E786F1 ~~~~~ IPsec Driver: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. System >> IPsec Driver - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit IPsec Driver" with "Failure" selected.

V-224908 CAT II Windows Server 2016 must be configured to audit System - Oth...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*" Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. System >> Other System Events - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit Other System Events" with "Success" selected.

V-224909 CAT II Windows Server 2016 must be configured to audit System - Oth...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 65E40F6B959EF218D68DFC455C5196DC70924EDC ~~~~~ Other System Events: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. System >> Other System Events - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit Other System Events" with "Failure" selected.

V-224910 CAT II Windows Server 2016 must be configured to audit System - Sec...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 74302EBA5C1C13D9FC589EBADB52C502534366D6 ~~~~~ Security State Change: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. System >> Security State Change - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit Security State Change" with "Success" selected.

V-224911 CAT II Windows Server 2016 must be configured to audit System - Sec...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7571EDCEC40BA7B892BBFFB7B1A91933D6B26E8D ~~~~~ Security System Extension: Success Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. System >> Security System Extension - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit Security System Extension" with "Success" selected.

V-224912 CAT II Windows Server 2016 must be configured to audit System - Sys...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. System >> System Integrity - Success

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit System Integrity" with "Success" selected.

V-224913 CAT II Windows Server 2016 must be configured to audit System - Sys...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: BA1B5CB4CECAEB661B4B6DC8FB69F37F5D308239 ~~~~~ System Integrity: Success and Failure Comments

Check Text

Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN16-SO-000050) for the detailed auditing subcategories to be effective. Use the AuditPol tool to review the current Audit Policy configuration: Open an elevated "Command Prompt" (run as administrator). Enter "AuditPol /get /category:*". Compare the AuditPol settings with the following. If the system does not audit the following, this is a finding. System >> System Integrity - Failure

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> System >> "Audit System Integrity" with "Failure" selected.

V-224914 CAT II The display of slide shows on the lock screen must be disabl...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 936C50F902C44C0D68CF3E394852F5F03D22E703 ~~~~~ 'Prevent enabling lock screen slide show' is Enabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Personalization Value Name: NoLockScreenSlideshow Value: 0x00000001 (1) Type: REG_DWORD Comments

Check Text

Verify the registry value below. If it does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Personalization\ Value Name: NoLockScreenSlideshow Value Type: REG_DWORD Value: 0x00000001 (1)

Fix Text

Configure the policy value for Computer Configuration >> Administrative Templates >> Control Panel >> Personalization >> "Prevent enabling lock screen slide show" to "Enabled".

V-224915 CAT II WDigest Authentication must be disabled on Windows Server 20...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7B07ED3ECA2CAD6E6EF5433B7B0D16EDA4ACD305 ~~~~~ 'WDigest Authentication (disabling may require KB2871997)' is Disabled Registry Path: HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest Value Name: UseLogonCredential Value: 0x00000000 (0) Type: REG_DWORD Comments

Check Text

If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Control\SecurityProviders\Wdigest\ Value Name: UseLogonCredential Type: REG_DWORD Value: 0x00000000 (0)

Fix Text

Configure the policy value for Computer Configuration >> Administrative Templates >> MS Security Guide >> "WDigest Authentication (disabling may require KB2871997)" to "Disabled". This policy setting requires the installation of the SecGuide custom templates included with the STIG package. "SecGuide.admx" and " SecGuide.adml" must be copied to the \Windows\PolicyDefinitions and \Windows\PolicyDefinitions\en-US directories respectively.

V-224920 CAT II Insecure logons to an SMB server must be disabled.

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82F1D332008FB8B34EBC506111C5A9D6D04B2E00 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82F1D332008FB8B34EBC506111C5A9D6D04B2E00 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82F1D332008FB8B34EBC506111C5A9D6D04B2E00 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82F1D332008FB8B34EBC506111C5A9D6D04B2E00 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82F1D332008FB8B34EBC506111C5A9D6D04B2E00 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82F1D332008FB8B34EBC506111C5A9D6D04B2E00 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82F1D332008FB8B34EBC506111C5A9D6D04B2E00 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 82F1D332008FB8B34EBC506111C5A9D6D04B2E00 ~~~~~ 'Enable insecure guest logons' is Disabled Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Value: 0x00000000 (0) Type: REG_DWORD Comments

Check Text

If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\LanmanWorkstation\ Value Name: AllowInsecureGuestAuth Type: REG_DWORD Value: 0x00000000 (0)

Fix Text

Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Lanman Workstation >> "Enable insecure guest logons" to "Disabled".

V-224921 CAT II Hardened UNC paths must be defined to require mutual authent...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 129AAFAE3AF022AFE44F51ED28E32569CF7A0D22 ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\NETLOGON Value: RequireMutualAuthentication=1, RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\SYSVOL Value: RequireMutualAuthentication=1, RequireIntegrity=1 Type: REG_SZ Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 1DAEBFC17690D31E3DA81E08DFB323B4D2BD08FD ~~~~~ 'Hardened UNC Paths' is configured properly. Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\NETLOGON Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths Value Name: \\\SYSVOL Value: RequireMutualAuthentication=1,RequireIntegrity=1 Type: REG_SZ Comments

Check Text

This requirement is applicable to domain-joined systems. For standalone or nondomain-joined systems, this is NA. If the following registry values do not exist or are not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\ Value Name: \\*\NETLOGON Value Type: REG_SZ Value: RequireMutualAuthentication=1, RequireIntegrity=1 Value Name: \\*\SYSVOL Value Type: REG_SZ Value: RequireMutualAuthentication=1, RequireIntegrity=1 Additional entries would not be a finding.

Fix Text

Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Network Provider >> "Hardened UNC Paths" to "Enabled" with at least the following configured in "Hardened UNC Paths": (click the "Show" button to display) Value Name: \\*\SYSVOL Value: RequireMutualAuthentication=1, RequireIntegrity=1 Value Name: \\*\NETLOGON Value: RequireMutualAuthentication=1, RequireIntegrity=1

V-224922 CAT II Command line data must be included in process creation event...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4DFC6BA75798E56910A33B9D96E6D2D420BC6756 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4DFC6BA75798E56910A33B9D96E6D2D420BC6756 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4DFC6BA75798E56910A33B9D96E6D2D420BC6756 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4DFC6BA75798E56910A33B9D96E6D2D420BC6756 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4DFC6BA75798E56910A33B9D96E6D2D420BC6756 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4DFC6BA75798E56910A33B9D96E6D2D420BC6756 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4DFC6BA75798E56910A33B9D96E6D2D420BC6756 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4DFC6BA75798E56910A33B9D96E6D2D420BC6756 ~~~~~ 'Include command line in process creation events' is Enabled Registry Path: HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value: 0x00000001 (1) Type: REG_DWORD Comments

Check Text

If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\Audit\ Value Name: ProcessCreationIncludeCmdLine_Enabled Value Type: REG_DWORD Value: 0x00000001 (1)

Fix Text

Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Audit Process Creation >> "Include command line in process creation events" to "Enabled".

V-224924 CAT II Early Launch Antimalware, Boot-Start Driver Initialization P...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CAC40986FA03A2CB5669A1B454BA8ADE27C5134 ~~~~~ 'Good, unknown and bad but critical' is Not Configured in Group Policy which is acceptable per the STIG. Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy (Not found) Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CAC40986FA03A2CB5669A1B454BA8ADE27C5134 ~~~~~ 'Good, unknown and bad but critical' is Not Configured in Group Policy which is acceptable per the STIG. Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy (Not found) Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CAC40986FA03A2CB5669A1B454BA8ADE27C5134 ~~~~~ 'Good, unknown and bad but critical' is Not Configured in Group Policy which is acceptable per the STIG. Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy (Not found) Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CAC40986FA03A2CB5669A1B454BA8ADE27C5134 ~~~~~ 'Good, unknown and bad but critical' is Not Configured in Group Policy which is acceptable per the STIG. Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy (Not found) Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CAC40986FA03A2CB5669A1B454BA8ADE27C5134 ~~~~~ 'Good, unknown and bad but critical' is Not Configured in Group Policy which is acceptable per the STIG. Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy (Not found) Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CAC40986FA03A2CB5669A1B454BA8ADE27C5134 ~~~~~ 'Good, unknown and bad but critical' is Not Configured in Group Policy which is acceptable per the STIG. Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy (Not found) Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CAC40986FA03A2CB5669A1B454BA8ADE27C5134 ~~~~~ 'Good, unknown and bad but critical' is Not Configured in Group Policy which is acceptable per the STIG. Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy (Not found) Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 4CAC40986FA03A2CB5669A1B454BA8ADE27C5134 ~~~~~ 'Good, unknown and bad but critical' is Not Configured in Group Policy which is acceptable per the STIG. Registry Path: HKLM:\SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy (Not found) Comments

Check Text

The default behavior is for Early Launch Antimalware - Boot-Start Driver Initialization policy to enforce "Good, unknown and bad but critical" (preventing "bad"). If the registry value name below does not exist, this is not a finding. If it exists and is configured with a value of "0x00000007 (7)", this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SYSTEM\CurrentControlSet\Policies\EarlyLaunch\ Value Name: DriverLoadPolicy Value Type: REG_DWORD Value: 0x00000001 (1), 0x00000003 (3), or 0x00000008 (8) (or if the Value Name does not exist) Possible values for this setting are: 8 - Good only 1 - Good and unknown 3 - Good, unknown and bad but critical 7 - All (which includes "bad" and would be a finding)

Fix Text

The default behavior is for Early Launch Antimalware - Boot-Start Driver Initialization policy to enforce "Good, unknown and bad but critical" (preventing "bad"). If this needs to be corrected or a more secure setting is desired, configure the policy value for Computer Configuration >> Administrative Templates >> System >> Early Launch Antimalware >> "Boot-Start Driver Initialization Policy" to "Not Configured" or "Enabled" with any option other than "All" selected.

V-224925 CAT II Group Policy objects must be reprocessed even if they have n...

8 assets 8 Closed Microsoft Windows Se...

Hostname	IP Address	Last Scan
MONT-AP-002	164.231.187.39	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7905A44A409938687363A90FF0AA7E4DD50D87CF ~~~~~ 'Configure registry policy processing' is Enabled with 'Process even if the Group Policy objects have not changed' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-BE-002	164.231.187.37	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7905A44A409938687363A90FF0AA7E4DD50D87CF ~~~~~ 'Configure registry policy processing' is Enabled with 'Process even if the Group Policy objects have not changed' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DB-002	164.231.187.38	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7905A44A409938687363A90FF0AA7E4DD50D87CF ~~~~~ 'Configure registry policy processing' is Enabled with 'Process even if the Group Policy objects have not changed' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DC-003	164.231.187.34	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7905A44A409938687363A90FF0AA7E4DD50D87CF ~~~~~ 'Configure registry policy processing' is Enabled with 'Process even if the Group Policy objects have not changed' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-DP-001	164.231.187.44	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7905A44A409938687363A90FF0AA7E4DD50D87CF ~~~~~ 'Configure registry policy processing' is Enabled with 'Process even if the Group Policy objects have not changed' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-MB-002	164.231.187.36	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7905A44A409938687363A90FF0AA7E4DD50D87CF ~~~~~ 'Configure registry policy processing' is Enabled with 'Process even if the Group Policy objects have not changed' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-VSF-003	164.231.187.42	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7905A44A409938687363A90FF0AA7E4DD50D87CF ~~~~~ 'Configure registry policy processing' is Enabled with 'Process even if the Group Policy objects have not changed' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments
MONT-VSF-004	164.231.187.43	2026-01-14
Finding Details Evaluate-STIG 1.2507.5 (Scan-WindowsServer2016_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 7905A44A409938687363A90FF0AA7E4DD50D87CF ~~~~~ 'Configure registry policy processing' is Enabled with 'Process even if the Group Policy objects have not changed' Registry Path: HKLM:\SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Value: 0x00000000 (0) Type: REG_DWORD Comments

Check Text

If the following registry value does not exist or is not configured as specified, this is a finding. Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \SOFTWARE\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ Value Name: NoGPOListChanges Type: REG_DWORD Value: 0x00000000 (0)

Fix Text

Configure the policy value for Computer Configuration >> Administrative Templates >> System >> Group Policy >> "Configure registry policy processing" to "Enabled" with the option "Process even if the Group Policy objects have not changed" selected.

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Check Text

Fix Text

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Check Text

Fix Text

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Check Text

Fix Text

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Check Text

Fix Text

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments

Finding Details

Comments