STIGQter STIGQter: STIG Summary: Windows PAW Security Technical Implementation Guide Version: 1 Release: 3 Benchmark Date: 15 May 2020:

The Windows PAW must be configured so that all non-administrative-related applications and functions are blocked or removed from the PAW platform, including but not limited to email, Internet browsing, and line-of-business applications.

DISA Rule

SV-92861r1_rule

Vulnerability Number

V-78155

Group Title

PAW-00-001000

Rule Version

WPAW-00-001000

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Remove email applications and all line-of business applications from the PAW.

Note: Internet browsing is blocked using the PAW host-based firewall or by configuring a proxy address with a loopback address on the PAW. (See STIG check WPAW-00-002200.)

Check Contents

Note: Internet browsing is blocked using the PAW host-based firewall or by configuring a proxy address with a loopback address on the PAW. (See STIG check WPAW-00-002200.) Blocking Internet browsing does not need to be verified in this procedure.

Review the services and applications installed on the PAW.

Verify there are no email applications/clients and line-of-business applications installed on the PAW.

If email applications/clients or line-of-business applications are installed on the PAW, this is a finding.

Vulnerability Number

V-78155

Documentable

False

Rule Version

WPAW-00-001000

Severity Override Guidance

Note: Internet browsing is blocked using the PAW host-based firewall or by configuring a proxy address with a loopback address on the PAW. (See STIG check WPAW-00-002200.) Blocking Internet browsing does not need to be verified in this procedure.

Review the services and applications installed on the PAW.

Verify there are no email applications/clients and line-of-business applications installed on the PAW.

If email applications/clients or line-of-business applications are installed on the PAW, this is a finding.

Check Content Reference

M

Target Key

3283

Comments