STIGQter: STIG Summary: Windows 10 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021: STIGQter: STIG Summary: Windows 10 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:SV-220712r569187_rule
V-220712
SRG-OS-000324-GPOS-00125
WN10-00-000070
CAT I
10
Configure the system to include only administrator groups or accounts that are responsible for the system in the local Administrators group.
For domain-joined workstations, the Domain Admins group must be replaced by a domain workstation administrator group.
Remove any standard user accounts.
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Groups.
Review the members of the Administrators group.
Only the appropriate administrator groups or accounts responsible for administration of the system may be members of the group.
For domain-joined workstations, the Domain Admins group must be replaced by a domain workstation administrator group.
Standard user accounts must not be members of the local administrator group.
If prohibited accounts are members of the local administrators group, this is a finding.
The built-in Administrator account or other required administrative accounts would not be a finding.
V-220712
False
WN10-00-000070
Run "Computer Management".
Navigate to System Tools >> Local Users and Groups >> Groups.
Review the members of the Administrators group.
Only the appropriate administrator groups or accounts responsible for administration of the system may be members of the group.
For domain-joined workstations, the Domain Admins group must be replaced by a domain workstation administrator group.
Standard user accounts must not be members of the local administrator group.
If prohibited accounts are members of the local administrators group, this is a finding.
The built-in Administrator account or other required administrative accounts would not be a finding.
M
4072