Tests Help
Enable "Network access: Do not allow storage of credentials or .NET Passports for network
●
authentication"
Disable "Network access: Let Everyone permissions apply to anonymous users"
●
Enable "Accounts: Limit local account use of blank passwords to console logon only"
●
How Does this Affect Me?. Certain configurations, such as the ones listed above, create potential holes
that can leak sensitive information if your system is compromised. Selecting the above policy options
creates a more secure network environment. The following links provide detailed information on these
security settings:
Enable "Network access: Do not allow storage of credentials or .NET Passports for network
●
authentication"
http://technet2.microsoft.com/windowsserver/en/library/66a6776a-b1ef-43dd-8f18-
d694fd07494b1033.mspx?mfr=true
Disable "Network access: Let Everyone permissions apply to anonymous users"
●
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/
loc_sec_set.mspx?mfr=true
Enable "Accounts: Limit local account use of blank passwords to console logon only"
●
http://www.microsoft.com/resources/documentation/IIS/6/all/proddocs/en-us/Default.asp?url=/resources/
documentation/IIS/6/all/proddocs/en-us/636.asp
What Do I Need to Do?. To select the security policies:
1 Select Start>>Settings>>Control Panel>>Administrative Tools.
2 Double-click Local Security Policy.
3 Double-click Local Policies.
4 Double-click Security Options.
5 Double-click a security policy.
6 Select Enabled or Disabled.
7 Click OK.
8 Close the Local Security Settings window.
9 Close the Administrative Tools window.
Windows Startup Registry Entries Allowed
Description. This test verifies that the endpoint attempting to connect to your system does not contain
non-compliant registry entries in the run and runOnce Windows registry keys.
Test Properties. Enter a list of registry key and values that are allowed in the run and runOnce
Windows registry keys. If the endpoint has any other values in those keys, the test will fail.
Separate entries by semicolons in the format <key> or <key>::<value>.
For example:
442
Sentriant AG Software Users Guide, Version 5.2