STIGQter: STIG Summary: Microsoft Windows Server 2019 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021: STIGQter: STIG Summary: Microsoft Windows Server 2019 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:SV-205862r569188_rule
V-205862
SRG-OS-000480-GPOS-00227
WN19-CC-000080
CAT II
10
Configure the policy value for Computer Configuration >> Administrative Templates >> Network >> Network Provider >> "Hardened UNC Paths" to "Enabled" with at least the following configured in "Hardened UNC Paths" (click the "Show" button to display):
Value Name: \\*\SYSVOL
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Value Name: \\*\NETLOGON
Value: RequireMutualAuthentication=1, RequireIntegrity=1
This requirement is applicable to domain-joined systems. For standalone systems, this is NA.
If the following registry values do not exist or are not configured as specified, this is a finding:
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\
Value Name: \\*\NETLOGON
Value Type: REG_SZ
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Value Name: \\*\SYSVOL
Value Type: REG_SZ
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Additional entries would not be a finding.
V-205862
False
WN19-CC-000080
This requirement is applicable to domain-joined systems. For standalone systems, this is NA.
If the following registry values do not exist or are not configured as specified, this is a finding:
Registry Hive: HKEY_LOCAL_MACHINE
Registry Path: \SOFTWARE\Policies\Microsoft\Windows\NetworkProvider\HardenedPaths\
Value Name: \\*\NETLOGON
Value Type: REG_SZ
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Value Name: \\*\SYSVOL
Value Type: REG_SZ
Value: RequireMutualAuthentication=1, RequireIntegrity=1
Additional entries would not be a finding.
M
2907