API tools faq
paste
Advertisement
Guest User

List

a guest
Jul 27th, 2016
876
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.02 KB | None | 0 0
raw download clone embed print report
  1. Policy Security Setting
  2. Accounts: Administrator account status Disabled
  3. Accounts: Block Microsoft accounts Not Defined
  4. Accounts: Guest account status Disabled
  5. Accounts: Limit local account use of blank passwords to console logon only Enabled
  6. Accounts: Rename administrator account Administrator
  7. Accounts: Rename guest account Guest
  8. Audit: Audit the access of global system objects Disabled
  9. Audit: Audit the use of Backup and Restore privilege Enabled
  10. Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings Not Defined
  11. Audit: Shut down system immediately if unable to log security audits Disabled
  12. DCOM: Machine Access Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
  13. DCOM: Machine Launch Restrictions in Security Descriptor Definition Language (SDDL) syntax Not Defined
  14. Devices: Allow undock without having to log on Enabled
  15. Devices: Allowed to format and eject removable media Not Defined
  16. Devices: Prevent users from installing printer drivers Disabled
  17. Devices: Restrict CD-ROM access to locally logged-on user only Not Defined
  18. Devices: Restrict floppy access to locally logged-on user only Not Defined
  19. Domain controller: Allow server operators to schedule tasks Not Defined
  20. Domain controller: LDAP server signing requirements Not Defined
  21. Domain controller: Refuse machine account password changes Not Defined
  22. Domain member: Digitally encrypt or sign secure channel data (always) Enabled
  23. Domain member: Digitally encrypt secure channel data (when possible) Enabled
  24. Domain member: Digitally sign secure channel data (when possible) Enabled
  25. Domain member: Disable machine account password changes Disabled
  26. Domain member: Maximum machine account password age 30 days
  27. Domain member: Require strong (Windows 2000 or later) session key Enabled
  28. Interactive logon: Display user information when the session is locked Not Defined
  29. Interactive logon: Do not display last user name Disabled
  30. Interactive logon: Do not require CTRL+ALT+DEL Not Defined
  31. Interactive logon: Machine account lockout threshold Not Defined
  32. Interactive logon: Machine inactivity limit Not Defined
  33. Interactive logon: Message text for users attempting to log on
  34. Interactive logon: Message title for users attempting to log on
  35. Interactive logon: Number of previous logons to cache (in case domain controller is not available) 10 logons
  36. Interactive logon: Prompt user to change password before expiration 5 days
  37. Interactive logon: Require Domain Controller authentication to unlock workstation Disabled
  38. Interactive logon: Require smart card Disabled
  39. Interactive logon: Smart card removal behavior No Action
  40. Microsoft network client: Digitally sign communications (always) Disabled
  41. Microsoft network client: Digitally sign communications (if server agrees) Enabled
  42. Microsoft network client: Send unencrypted password to third-party SMB servers Disabled
  43. Microsoft network server: Amount of idle time required before suspending session 15 minutes
  44. Microsoft network server: Attempt S4U2Self to obtain claim information Not Defined
  45. Microsoft network server: Digitally sign communications (always) Disabled
  46. Microsoft network server: Digitally sign communications (if client agrees) Disabled
  47. Microsoft network server: Disconnect clients when logon hours expire Enabled
  48. Microsoft network server: Server SPN target name validation level Not Defined
  49. Network access: Allow anonymous SID/Name translation Disabled
  50. Network access: Do not allow anonymous enumeration of SAM accounts Enabled
  51. Network access: Do not allow anonymous enumeration of SAM accounts and shares Disabled
  52. Network access: Do not allow storage of passwords and credentials for network authentication Disabled
  53. Network access: Let Everyone permissions apply to anonymous users Disabled
  54. Network access: Named Pipes that can be accessed anonymously
  55. Network access: Remotely accessible registry paths System\CurrentControlSet\Control\ProductOptions,System\CurrentControlSet\Control\Server Applications,Software\Microsoft\Windows NT\CurrentVersion
  56. Network access: Remotely accessible registry paths and sub-paths System\CurrentControlSet\Control\Print\Printers,System\CurrentControlSet\Services\Eventlog,Software\Microsoft\OLAP Server,Software\Microsoft\Windows NT\CurrentVersion\Print,Software\Microsoft\Windows NT\CurrentVersion\Windows,System\CurrentControlSet\Control\ContentIndex,System\CurrentControlSet\Control\Terminal Server,System\CurrentControlSet\Control\Terminal Server\UserConfig,System\CurrentControlSet\Control\Terminal Server\DefaultUserConfiguration,Software\Microsoft\Windows NT\CurrentVersion\Perflib,System\CurrentControlSet\Services\SysmonLog
  57. Network access: Restrict anonymous access to Named Pipes and Shares Enabled
  58. Network access: Shares that can be accessed anonymously Not Defined
  59. Network access: Sharing and security model for local accounts Classic - local users authenticate as themselves
  60. Network security: Allow Local System to use computer identity for NTLM Not Defined
  61. Network security: Allow LocalSystem NULL session fallback Not Defined
  62. Network security: Allow PKU2U authentication requests to this computer to use online identities.
  63.  
  64. Not Defined
  65. Network security: Configure encryption types allowed for Kerberos Not Defined
  66. Network security: Do not store LAN Manager hash value on next password change Enabled
  67. Network security: Force logoff when logon hours expire Disabled
  68. Network security: LAN Manager authentication level Not Defined
  69. Network security: LDAP client signing requirements Negotiate signing
  70. Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require 128-bit encryption
  71. Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require 128-bit encryption
  72. Network security: Restrict NTLM: Add remote server exceptions for NTLM authentication Not Defined
  73. Network security: Restrict NTLM: Add server exceptions in this domain Not Defined
  74. Network security: Restrict NTLM: Audit Incoming NTLM Traffic Not Defined
  75. Network security: Restrict NTLM: Audit NTLM authentication in this domain Not Defined
  76. Network security: Restrict NTLM: Incoming NTLM traffic Not Defined
  77. Network security: Restrict NTLM: NTLM authentication in this domain Not Defined
  78. Network security: Restrict NTLM: Outgoing NTLM traffic to remote servers Not Defined
  79. Recovery console: Allow automatic administrative logon Disabled
  80. Recovery console: Allow floppy copy and access to all drives and all folders Disabled
  81. Shutdown: Allow system to be shut down without having to log on Enabled
  82. Shutdown: Clear virtual memory pagefile Disabled
  83. System cryptography: Force strong key protection for user keys stored on the computer Not Defined
  84. System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing Disabled
  85. System objects: Require case insensitivity for non-Windows subsystems Enabled
  86. System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) Enabled
  87. System settings: Optional subsystems
  88. System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Disabled
  89. User Account Control: Admin Approval Mode for the Built-in Administrator account Disabled
  90. User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop Disabled
  91. User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode Elevate without prompting
  92. User Account Control: Behavior of the elevation prompt for standard users Prompt for credentials
  93. User Account Control: Detect application installations and prompt for elevation Enabled
  94. User Account Control: Only elevate executables that are signed and validated Disabled
  95. User Account Control: Only elevate UIAccess applications that are installed in secure locations Enabled
  96. User Account Control: Run all administrators in Admin Approval Mode Enabled
  97. User Account Control: Switch to the secure desktop when prompting for elevation Disabled
  98. User Account Control: Virtualize file and registry write failures to per-user locations Enabled
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!