IT Auditing: Using Controls to Protect Information Assets [IT AUDITING -OS N/D]

15 Review and evaluate the use of user rights and security options assigned to the elements in the security policy settings.

The default installation of Windows Server 2003 has 39 user rights settings and 70 security options. These settings and options allow broad, sweeping, and powerful changes to how the host will behave under many different situations.

Note 

Be very careful here. It is possible to lock yourself out, disable critical internal processes, and limit necessary functionality. It's strongly recommended that you thoroughly test any changes you make here in a test environment, together with any applications running on the system that could possibly depend on these settings.

How

You'll find the security policies as they affect your system by typing rsop.msc or secpol.msc at the command line. After the GUI opens, select Computer Configuration | Windows Settings | Local Policies. Remember that you can export these settings by right-clicking the folder icon and selecting "Export."

Evaluate the settings you have here against the policies you have for your organization. There are several guides suggesting recommended settings, including Microsoft's website, the built-in security templates, the Center for Information Security guides (http://www.cisecurity.org), and of course, SANS (http://www.sans.org). The bottom line here is that you need to decide what your organization is looking to accomplish and audit against these settings. If your organization isn't using these settings at all, then you should take the initiative to spearhead a project to look into these settings. Here are some common settings for both.

Common security options include

Common user rights assignments include
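The comparison of exported settings against organizational policy described under "How" can be scripted. The following is an added example, not code from the book: it assumes the export is a tab-delimited list with Policy and Security Setting columns, and the sample export, the baseline values, and the function names are all constructed for illustration.

```python
import csv
import io

# Constructed sample of a tab-delimited list export (assumed columns: Policy, Security Setting).
SAMPLE_EXPORT = (
    "Policy\tSecurity Setting\n"
    "Debug programs\tAdministrators,CORP\\helpdesk\n"
    "Act as part of the operating system\t\n"
    "Access this computer from the network\tAdministrators,Authenticated Users\n"
    "Accounts: Guest account status\tEnabled\n"
)

# Hypothetical baseline: a set = principals allowed a user right; a string = required option value.
BASELINE = {
    "Debug programs": {"Administrators"},
    "Act as part of the operating system": set(),
    "Access this computer from the network": {"Administrators", "Authenticated Users"},
    "Shut down the system": {"Administrators"},
    "Accounts: Guest account status": "Disabled",
}

def parse_export(text):
    """Return {policy name: setting text} from the exported list."""
    rows = csv.reader(io.StringIO(text), delimiter="\t")
    next(rows, None)  # skip the header row
    return {r[0].strip(): (r[1].strip() if len(r) > 1 else "")
            for r in rows if r and r[0].strip()}

def principals(setting):
    return {p.strip().lower() for p in setting.split(",") if p.strip()}  # case-insensitive set

def audit(export_text, baseline):
    """Return (policy, finding) pairs where the host deviates from the baseline."""
    actual = parse_export(export_text)
    findings = []
    for policy, expected in sorted(baseline.items(), key=lambda kv: kv[0]):
        if policy not in actual:
            findings.append((policy, "not present in export"))
        elif isinstance(expected, set):
            extra = principals(actual[policy]) - {p.lower() for p in expected}
            if extra:
                findings.append((policy, "unexpected principals: " + ", ".join(sorted(extra))))
        elif actual[policy].lower() != expected.lower():
            findings.append((policy, f"is {actual[policy]!r}, baseline requires {expected!r}"))
    return findings

if __name__ == "__main__":
    print("\n".join(f"{p}: {f}" for p, f in audit(SAMPLE_EXPORT, BASELINE)))
```

A user right held by fewer principals than the baseline allows is not reported; only principals outside the allowed set are findings.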
