206 Managing Network Vulnerability Assessment
11. The system page file must be wiped during
shutdown
12. Security logs must be protected (all servers)
13. Auditing must be implemented on all NT
servers
B. High-level security configurations (for high-risk
systems)
1. Floppy disk and CD-ROM drives must be
disabled
2. Server must be hidden from the network
neighborhood and browsing tools
3. Administrative shares must be removed
C. Optional security settings for stronger security
1. Disable or minimize caching of log-on
credentials
2. Rename administrator account; create a user
account with the name Administrator but
with no rights
3. Set boot sequence to start with the hard drive
“C”
4. Use NTFS for all applications and user data
5. Enforce the use of strong passwords (registry
portion) by enabling use of the passfilt.dll
utility
6. Only systems operators will have the
privilege to enter the scheduling commands
7. Consider limiting of hours when users can
log on
8. Administrators should not be allowed to log
on from the network
9. The “Everyone” group should be replaced
with “Authenticated Users”
10. Saved passwords must be disabled
11. Avoid granting “Administration” and “Full
Control” permissions to users
12. Limit “Change” access to users who need to
delete or modify files and directories
13. Deny requests for shared accounts