Improving Web Application Security: Threats and Countermeasures
| Check | Description |
|---|---|
|
| Latest COM+ updates and patches are installed. |
|
| Object constructor strings do not contain plain text secrets. |
|
| COM+ administration components are restricted. |
|
| Impersonation level that is set for the application is correct. |
|
| Server applications are configured to run with a least-privileged account. Server applications do not run using the identity of the interactively logged on user . |
|
| DTC service is disabled if it is not required. |
Категории