ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Active Directory Checklist, V1R1.2 Field Security Operations<br />
22 September 2006 Defense Information Systems Agency<br />
DS10.0120 Support Tools Access Permissions<br />
STIG ID \ V-Key DS10.0120 \ V0008320<br />
Severity Cat II<br />
Short Name Support Tools Access Permissions<br />
IA Controls DCSL-1<br />
MAC /Conf 1-CSP, 2-CSP, 3-CSP<br />
References AD STIG 2.3.1.4<br />
Long Name: Windows Support Tools program files do not have proper access permissions<br />
(ACLs).<br />
Checks:<br />
• Start Windows Explorer.<br />
• Right-click the “My Computer” item and select “Search…”<br />
- Enter “Support*” in the file name field.<br />
- Select “Local Hard Drives” in the “Look in:” field.<br />
- Click the Search button.<br />
• Record the location for the “Support Tools” directory.<br />
Note: The SA may have installed the Support Tools in an alternate location. If the<br />
default directory is not found, ask the SA.<br />
• If the directory is not found and the SA confirms that the Support Tools are not<br />
installed, then this check is Not Applicable.<br />
• Using the recorded location, compare the ACL of the Support Tools directory to<br />
the specifications in Checklist appendix A.1.2.<br />
• If the actual permissions are not at least as restrictive as those in the appendix,<br />
then this is a Finding.<br />
UNCLASSIFIED<br />
5-5
Change language