V-254240
CAT IWindows Server 2022 administrative accounts must not be used with applications that access the internet, such as web browsers, or with potential internet sources, such as email.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Determine whether organization policy, at a minimum, prohibits administrative accounts from using applications that access the internet, such as web browsers, or with potential internet sources, such as email, except as necessary for local service administration.
If it does not, this is a finding.
The organization may use technical means such as whitelisting to prevent the use of browsers and mail applications to enforce this requirement.
Fix Text
Establish a policy, at minimum, to prohibit administrative accounts from using applications that access the internet, such as web browsers, or with potential internet sources, such as email. Ensure the policy is enforced.
The organization may use technical means such as whitelisting to prevent the use of browsers and mail applications to enforce this requirement.
STIG Reference
- STIG
- Microsoft Windows Server 2022 Security Technical Implementation Guide
- Version
- 2
- Release
- 8
- Rule ID
- SV-254240r991589_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_WinServer2022_V2R7_20260305-133436.cklb | Unassigned | 2026-03-05T13:34:36 | View in Context |