bastion.inf

  1. Security+ Certification
  2. Security+: Definitions and Catchwords
  3. Security+ Domain 1.0: Threats, Attacks and Vulnerabilities
  4. Security+ Domain 2.0: Technologies and Tools, Chapter 6
  5. Security+ Domain 2.0: Technologies and Tools, Chapter 7
  6. Security+ Domain 2.0: Technologies and Tools, Chapter 8
  7. Security+ Domain 2.0: Technologies and Tools, Chapter 9
  8. Security+ Domain 2.0: Technologies and Tools, Chapter 10
  9. Security+ Domain 3.0: Architecture and Design: Chapter 11
  10. Security+ Domain 3.0: Secure Systems Design and Deployment: Chapter 12
  11. Security+ Domain 3.0: Secure Systems Design and Deployment: Chapter 12 cont’d
  12. Security+ Domain 3.0: Architecture and Design: Chapter 13: Embedded Systems
  13. Security+ Domain 3.0: Architecture and Design: Chapter 14: Application Development
  14. Security+ Domain 3.0: Architecture and Design: Chapter 15: Cloud and Virtualization
  15. Security+ Domain 3.0: Architecture and Design: Chapter 16: Resiliency and Automation
  16. Security+ Domain 3.0: Architecture and Design: Chapter 17: Physical Security
  17. Security+ Domain 4.0: Identity and Access Management: Chapter 18
  18. Security+ Domain 4.0: Identity and Access Management: Chapter 19
  19. Security+ Domain 4.0: Identity and Access Management: Chapter 20
  20. Security+ Domain 5.0: Risk Management: Chapter 21
  21. Security+ Domain 5.0: Risk Management: Chapter 22
  22. Security+ : Sample Questions
  23. Security+ Domain 5.0: Risk Management: Chapter 23
  24. bastion.inf
  25. Security+ Domain 5.0: Risk Management: Chapter 24
  26. Security+ Domain 5.0: Risk Management: Chapter 25
  27. Security+ Domain 5.0: Risk Management: Chapter 26
  28. Security+ Domain 5.0: Risk Management: Chapter 27
  29. Security+ Domain 5.0: Risk Management: Chapter 28
  30. Security+ Domain 5.0: Risk Management: Chapter 29
  31. Security+: My Favorite Free Tools

[System Access]
MinimumPasswordAge = 2
MaximumPasswordAge = 42
MinimumPasswordLength = 10
PasswordComplexity = 1
PasswordHistorySize = 6
LockoutBadCount = 5
ResetLockoutCount = 720
LockoutDuration = -1
RequireLogonToChangePassword = 1
ForceLogoffWhenHourExpire = 1
NewAdministratorName = “root”
[System Log]
MaximumLogSize = 100032
AuditLogRetentionPeriod = 1
RetentionDays = 30
RestrictGuestAccess = 1
[Security Log]
MaximumLogSize = 100032
AuditLogRetentionPeriod = 1
RetentionDays = 30
RestrictGuestAccess = 1
[Application Log]
MaximumLogSize = 100032
AuditLogRetentionPeriod = 1
RetentionDays = 30
RestrictGuestAccess = 1
[Event Audit]
AuditSystemEvents = 3
AuditLogonEvents = 3
AuditObjectAccess = 2
AuditPrivilegeUse = 2
AuditPolicyChange = 3
AuditAccountManage = 3
AuditProcessTracking = 0
CrashOnAuditFull = 1
[Registry Keys]
“USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies”,2,”D:(A;CI;0x10000000;;;CO)(A;CI;0xc0010000;;;PU)”
“USERS\.DEFAULT\SOFTWARE\Microsoft\Protected Storage System Provider”,1,””
“USERS\.DEFAULT\Software\Microsoft\NetDDE”,2,”D:P(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“USERS\.DEFAULT”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SYSTEM\CurrentControlSet\Hardware Profiles\Current”,1,””
“MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation”,2,”D:(A;CI;0xc0000000;;;PU)”
“MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Executive”,2,”D:(A;CI;0xc0000000;;;PU)”
“MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg”,2,”D:P(A;CI;0x10000000;;;DA)(A;CI;0xc0000000;;;BO)”
“MACHINE\SYSTEM\CurrentControlSet\Control\ProductOptions”,1,””
“MACHINE\SYSTEM\CurrentControlSet\Enum”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;SY)”
“MACHINE\SYSTEM\ControlSet001″,1,””
“MACHINE\SYSTEM\ControlSet002″,1,””
“MACHINE\SYSTEM\ControlSet003″,1,””
“MACHINE\SYSTEM\ControlSet004″,1,””
“MACHINE\SYSTEM\ControlSet005″,1,””
“MACHINE\SYSTEM\ControlSet006″,1,””
“MACHINE\SYSTEM\ControlSet007″,1,””
“MACHINE\SYSTEM\ControlSet008″,1,””
“MACHINE\SYSTEM\ControlSet009″,1,””
“MACHINE\SYSTEM\ControlSet010″,1,””
“MACHINE\SYSTEM\Clone”,1,””
“MACHINE\SYSTEM”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WOW”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Type 1 Installer\Type 1 Fonts”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Time Zones”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Ports”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib\009″,1,””
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib”,2,”D:P(A;CI;0x80000000;;;IU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Midimap”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\MCI Extensions”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\GRE_Initialize”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontSubstitutes”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Fonts”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\FontMapper”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Font Drivers”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Embedding”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32″,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\drivers.desc”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Compatibility”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0000000;;;PU)”
“MACHINE\SOFTWARE\Microsoft\Secure”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Rpc”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;CO)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\Protected Storage System Provider”,1,””
“MACHINE\SOFTWARE\Microsoft\Ole”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;CO)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Microsoft\NetDDE”,2,”D:P(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“MACHINE\SOFTWARE\Classes”,1,””
“MACHINE\Software”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)(A;CI;0x10000000;;;CO)(A;CI;0xc0010000;;;PU)S:P(SA;CIOISAFA;0x000d0006;;;WD)”
“CLASSES_ROOT\.hlp”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“CLASSES_ROOT\helpfile”,2,”D:P(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;SY)”
“CLASSES_ROOT”,2,”D:(A;CI;0x80000000;;;AU)(A;CI;0x10000000;;;DA)(A;CI;0x10000000;;;CO)(A;CI;0x10000000;;;SY)(A;CI;0xc0010000;;;PU)”
[File Security]
“%SystemDirectory%\midimap.cfg”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\localmon.dll”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\hpmon.hlp”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\hpmon.dll”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\config.nt”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\cmos.ram”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\autoexec.nt”,2,”D:(A;;0xe0010000;;;PU)”
“%SystemDirectory%\spool\printers”,2,”D:P(A;CI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;CIOI;0xe0010000;;;PU)”
“%SystemDirectory%\spool”,2,”D:(A;CIOI;0x10000000;;;CO)(A;CIOI;0xe0010000;;;PU)S:P”
“%SystemDirectory%\repl\export”,2,”D:(A;CIOI;0x10000000;;;CO)(A;CIOI;0xe0010000;;;RP)S:P”
“%SystemDirectory%\repl\import”,2,”D:(A;CIOI;0x10000000;;;CO)(A;CIOI;0xe0010000;;;RP)S:P”
“%SystemDirectory%\config”,2,”D:P(A;CI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)”
“%SystemRoot%\Web\WallPaper\Wallpapr.htm”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;IU)”
“%SystemRoot%\Web\WallPaper”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\Subscriptions”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\OCCache”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\fpxpress.ini”,2,”D:(A;;0xe0010000;;;IU)”
“%SystemRoot%\Downloaded Program Files”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\Temporary Internet Files”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\History”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\Cookies”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0xe0010000;;;IU)”
“%SystemRoot%\setup.old”,2,”D:(A;;0xe0010000;;;IU)”
“%SystemRoot%\Win.ini”,2,”D:P(A;;0xa0000000;;;AU)(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xe0010000;;;PU)”
“%SystemRoot%\repair”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)”
“%SystemRoot%\profiles”,1,””
“%SystemRoot%”,2,”D:P(A;CIOI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;CI;0xe0010000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“%SystemDrive%\PageFile.Sys”,1,””
“%SystemDrive%\InetPub”,1,””
“%SystemDrive%\Users”,1,””
“%SystemDrive%\Temp”,2,”D:P(A;CIOI;0x10000000;;;CO)(A;CI;0xe0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)”
“%SystemDrive%\~Secure.nt”,1,””
“%SystemDrive%\Recycler”,1,””
“%SystemDrive%\Program Files”,2,”D:P(A;CIOI;0x10000000;;;DA)(A;CIOI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;SY)(A;CIOI;0xe0010000;;;PU)”
“%SystemDrive%”,0,”D:(A;CIOI;0xa0000000;;;AU)(A;CIOI;0x10000000;;;DA)(A;CIOI;0x10000000;;;SY)(A;CIOI;0x10000000;;;CO)(A;;0x40000000;;;PU)”
“c:\config.sys”,2,”D:P(A;;0xa0000000;;;AU)(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0x10000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\autoexec.bat”,2,”D:P(A;;0xa0000000;;;AU)(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0x10000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\ntbootdd.sys”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\ntldr”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\ntdetect.com”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
“c:\boot.ini”,2,”D:P(A;;0x10000000;;;DA)(A;;0x10000000;;;SY)(A;;0xa0000000;;;PU)S:P(SA;CIOISA;0x00000110;;;WD)(SA;CIOISAFA;0x000d0046;;;WD)”
[Version]
signature=”$CHICAGO$”
[Privilege Rights]
SeAssignPrimaryTokenPrivilege =
SeAuditPrivilege =
SeBackupPrivilege = Administrators
SeCreatePagefilePrivilege = Administrators
SeCreatePermanentPrivilege =
SeCreateTokenPrivilege =
SeDebugPrivilege =
SeIncreaseBasePriorityPrivilege = Administrators
SeIncreaseQuotaPrivilege = Administrators
SeInteractiveLogonRight = Administrators
SeLoadDriverPrivilege = Administrators
SeLockMemoryPrivilege =
SeNetworkLogonRight =
SeProfileSingleProcessPrivilege = Administrators
SeRemoteShutdownPrivilege =
SeRestorePrivilege = Administrators
SeSecurityPrivilege = Administrators
SeShutdownPrivilege = Administrators
SeSystemEnvironmentPrivilege = Administrators
SeSystemProfilePrivilege = Administrators
SeSystemTimePrivilege = Administrators
SeTakeOwnershipPrivilege = Administrators
SeTcbPrivilege =
SeMachineAccountPrivilege =
SeChangeNotifyPrivilege = Everyone
SeBatchLogonRight =
SeServiceLogonRight =
[Profile Description]
Description=Cisco Bastion Host Script
[Service General Setting]
ClipSrv,4,”D:(A;CIOI;0x0002008d;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x0002008f;;;PU)(A;CIOI;0x0000009d;;;IU)S:(SA;FA;0x000f01ff;;;WD)”
cisvc,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
DHCP,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
LicenseService,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
MSDTC,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
NetDDE,4,”D:(A;CIOI;0x0002008d;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x0002008f;;;PU)(A;CIOI;0x0000009d;;;IU)S:(SA;FA;0x000f01ff;;;WD)”
NetDDEdsdm,4,”D:(A;CIOI;0x0002008d;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x0002008f;;;PU)(A;CIOI;0x0000009d;;;IU)S:(SA;FA;0x000f01ff;;;WD)”
RPCLOCATOR,4,”D:(A;CIOI;0x00020000;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x000f01ff;;;SY)(A;CIOI;0x00020000;;;PU)(A;CIOI;0x0000009d;;;IU)(A;CIOI;0x0000009d;;;S-0x1-0x000000000005-0x20-0x221)S:(SA;FA;0x000f01ff;;;WD)”
Schedule,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
Spooler,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
LmHosts,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
TapiSrv,4,”D:(A;CIOI;0x0002008d;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x0002008f;;;PU)(A;CIOI;0x0000009d;;;IU)(A;CIOI;0x0000009d;;;S-0x1-0x000000000005-0x20-0x221)S:(SA;FA;0x000f01ff;;;WD)”
UPS,4,”D:(A;;0x0002018d;;;WD)(A;;0x000201fd;;;PU)(A;;0x000f01ff;;;DA)(A;;0x000f01ff;;;SO)(A;;0x000201fd;;;SY)S:(SA;FA;0x000f01ff;;;WD)”
RpcSs,2,”D:(A;CIOI;0x00020000;;;WD)(A;CIOI;0x000f01ff;;;DA)(A;CIOI;0x000f01ff;;;SY)(A;CIOI;0x00020000;;;PU)(A;CIOI;0x0000009d;;;IU)(A;CIOI;0x0000009d;;;S-0x1-0x000000000005-0x20-0x221)S:(SA;FA;0x000f01ff;;;WD)”
[Registry Values]
MACHINE\SOFTWARE\Microsoft\DataFactory\HandlerInfo\HandlerRequired=4,1
MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem\NtfsDisable8dot3NameCreation=4,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ShutdownWithoutLogon=1,0
MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditing=3,31
MACHINE\System\CurrentControlSet\Control\Lsa\SubmitControl=4,0
MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjects=4,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRoms=1,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppies=1,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount=1,0
MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdown=4,1
MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFail=4,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\DontDisplayLastUserName=1,1
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeCaption=1,Hardened by InfoSec – Cisco Systems
MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\LegalNoticeText=1,This is a private system. Unauthorized use is prohibited.
MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevel=4,5
MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionMode=4,1
MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymous=4,1
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannel=4,1
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannel=4,1
MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSeal=4,1
MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnableSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\RequireSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoShareWks=4,0
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoShareServer=4,0
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignature=4,1
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOff=4,1
MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnect=4,15
MACHINE\System\CurrentControlSet\Services\Rdr\Parameters\EnablePlainTextPassword=4,0
MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\AddPrintDrivers=4,1
MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRouting=4,1