STIGQter STIGQter: STIG Summary: Windows PAW Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 15 May 2020:

A Windows PAW must only be used to manage high-value IT resources assigned to the same tier.

DISA Rule

SV-92853r1_rule

Vulnerability Number

V-78147

Group Title

PAW-00-000500

Rule Version

WPAW-00-000500

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Set aside one or more PAWs for remote management of high-value IT resources assigned to a specific tier. For example, using the Microsoft Tier 0-2 model, each PAW would be assigned to manage either Tier 0, Tier 1, or Tier 2 high-value IT resources.

Check Contents

Verify that a site has set aside one or more PAWs for remote management of high-value IT resources assigned to a specific tier.

Review any available site documentation.

Verify that any PAW used to manage high-value IT resources of a specific tier are used exclusively for managing high-value IT resources assigned to one and only one tier.

If the site has not set aside one or more PAWs for remote management of high-value IT resources assigned to a specific tier, this is a finding.

If PAWs used for managing high-value IT resources are used for additional functions, this is a finding.

Vulnerability Number

V-78147

Documentable

False

Rule Version

WPAW-00-000500

Severity Override Guidance

Verify that a site has set aside one or more PAWs for remote management of high-value IT resources assigned to a specific tier.

Review any available site documentation.

Verify that any PAW used to manage high-value IT resources of a specific tier are used exclusively for managing high-value IT resources assigned to one and only one tier.

If the site has not set aside one or more PAWs for remote management of high-value IT resources assigned to a specific tier, this is a finding.

If PAWs used for managing high-value IT resources are used for additional functions, this is a finding.

Check Content Reference

M

Target Key

3283

Comments