All Object Templates in Microsoft.ControlActivity.Win7SP1.Library Management Pack

 DisplayNameDescriptionIDType
ID_081c1360_4c15_4499_916d_ac38090b9f99Configure Authorized ProtocolsThis control activity guides the IT professional through configuration of the local operating system protocol settings.ID_081c1360_4c15_4499_916d_ac38090b9f99System.Compliance.ManualControlActivityProjection
ID_139ef24d_c049_44df_b603_844e263af265Proceduralize Event Consolidation, Correlation, and Recreation through LogsConsolidate, correlate, and recreate events using the Windows Event Log.ID_139ef24d_c049_44df_b603_844e263af265System.Compliance.ManualControlActivityProjection
ID_169133b3_e2d8_4a23_b306_490e71bd7051Configure Local Firewall ParametersThis control activity guides the IT professional through configuration of the local operating system firewall.ID_169133b3_e2d8_4a23_b306_490e71bd7051System.Compliance.ManualControlActivityProjection
ID_17b61d57_d402_4b85_b65e_383771644aa8Proceduralize the Configuration of System Security ParametersMaintain a procedure by which operating system kernel security, system virtual memory clearing, and stack protection is managed.ID_17b61d57_d402_4b85_b65e_383771644aa8System.Compliance.ManualControlActivityProjection
ID_188f85e0_7b4d_4c61_99f0_6edbf0ba99c9Session ConfigurationUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure session parameters to ensure disconnection and resumption occur in a controlled manner to reduce the chances of a compromised session.ID_188f85e0_7b4d_4c61_99f0_6edbf0ba99c9Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_270695f4_1b4a_4a6b_9cdf_d62c777ef0e7User NotificationUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure the workstation to display a logon banner that clearly states authorized personnel and authorized actions for the workstation.ID_270695f4_1b4a_4a6b_9cdf_d62c777ef0e7Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_297c5f53_5aac_425d_ad1c_ef0ddc9d6cf4System IntegrityUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure settings that log conditions affecting the integrity of a system, such as whether it is infected, improperly configured, or unable to log events.ID_297c5f53_5aac_425d_ad1c_ef0ddc9d6cf4Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_327bf33a_d253_4582_9f90_5eba0ce09d92Proceduralize Remote Access Connectivity ManagementMaintain a procedure to facilitate authorized remote access connectivity and to prevent unapproved remote access methods.ID_327bf33a_d253_4582_9f90_5eba0ce09d92System.Compliance.ManualControlActivityProjection
ID_333f7dd4_949c_4fb8_bb5c_3bcdba3b1001Log Access LimitationUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure roles and rights management so that only authorized accounts may access operating system logs to prevent information disclosure or changing the log contents.ID_333f7dd4_949c_4fb8_bb5c_3bcdba3b1001Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_379e9066_930f_4158_9262_8952ad262d44Identity ManagementUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure accounts to prevent the use of duplicate identities, in order to allow the organization to determine which individual is associated with a specific action performed by an account.ID_379e9066_930f_4158_9262_8952ad262d44Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_391a783c_d7e8_4d67_9342_be5bd0882eecProceduralize the Restriction of Access to LogsMaintain a procedure to ensure that access to system logs is restricted to authorized personnel.ID_391a783c_d7e8_4d67_9342_be5bd0882eecSystem.Compliance.ManualControlActivityProjection
ID_393d12ea_b8a6_4a4a_ad07_c1fe359e9894Key ManagementUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure encryption key use and storage within the operating system to prevent unauthorized access.ID_393d12ea_b8a6_4a4a_ad07_c1fe359e9894Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_435f7747_66b4_4d5b_a532_5c0bd00892a4Encryption ConfigurationUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure algorithms and their use within the operating system to protect data at rest and in transit.ID_435f7747_66b4_4d5b_a532_5c0bd00892a4Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_460dfe54_f0fb_43f1_90d0_789d94b70d7bProceduralize the Preservation of Original Log FilesMaintain a logging function of assets that creates reference copies of log files to support investigations without affecting original log files.ID_460dfe54_f0fb_43f1_90d0_789d94b70d7bSystem.Compliance.ManualControlActivityProjection
ID_4f12115a_3aff_4ef4_b7ec_3c37c3e65565Logging ConfigurationUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure the Event Log service to ensure availability and transactional integrity to ensure that all transactions are able to log any errors.ID_4f12115a_3aff_4ef4_b7ec_3c37c3e65565Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_5151d52d_25d7_4e15_a500_c9c3451fcca4Log Meaningful EventsThis control activity guides the IT professional through configuration of the Event Log service to ensure that events that are relevant to compliance are recorded. Such events include the creation/modification/deletion of files, directories, and user accounts.ID_5151d52d_25d7_4e15_a500_c9c3451fcca4System.Compliance.ManualControlActivityProjection
ID_5bab3b52_628d_430c_8d6d_d27f5eb0ea7fAuthentication TypesUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure two-factor authentication to prevent unauthorized access if an account ID and password is compromised.ID_5bab3b52_628d_430c_8d6d_d27f5eb0ea7fMicrosoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_786a34c1_6e6f_4fed_9eb7_f6b242fac17bProceduralize the Monitoring of Access to Sensitive DataMaintain a procedure to monitor access to sensitive data as defined by the organization's data classification or equivalent policy.ID_786a34c1_6e6f_4fed_9eb7_f6b242fac17bSystem.Compliance.ManualControlActivityProjection
ID_799d218c_e436_444f_97e0_32db954665e2Least PrivilegeUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure roles and rights management to reduce available actions to only those authorized by the organization.ID_799d218c_e436_444f_97e0_32db954665e2Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_7dd08158_d7a8_4dec_afd4_f663ef644306Password AttributesUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure account password parameters to address password format, visibility, and lifespan to reduce the chance of brute-force or shoulder-surfing compromises.ID_7dd08158_d7a8_4dec_afd4_f663ef644306Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_86657a03_8eb4_4c54_b200_0f13703f005dName ResolutionMaintain a procedure by which domain name service is configured to an authorized source, limited to authorized zone transfer recipients, and configured for redundancy.ID_86657a03_8eb4_4c54_b200_0f13703f005dSystem.Compliance.ManualControlActivityProjection
ID_8e84e03a_e7cc_4ab6_8f5c_0e3937ccfe8aRemote AccessUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure remote access methods and access rights to ensure that only authorized accounts may remotely log on to a workstation.ID_8e84e03a_e7cc_4ab6_8f5c_0e3937ccfe8aMicrosoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_9446ce11_7cff_4bc0_8b0e_6aaa8c880914File SystemUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure roles and rights management to prevent non-administrative access to operating system files in order to enable segregation of duties between administrators and users.ID_9446ce11_7cff_4bc0_8b0e_6aaa8c880914Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_9de30f0f_71a6_43a2_896b_3646304305e5System DefaultsUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure domain server default accounts and authentication values to non-default accounts and values to prevent unauthorized access with commonly known credentials.ID_9de30f0f_71a6_43a2_896b_3646304305e5Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_a4839f72_8692_4d11_b482_c7d052ff0b28Password AttributesUse the Win7SP1 Domain Security Compliance 1.0 baseline to configure account password parameters to address password format, visibility, and lifespan to reduce the chance of brute-force or shoulder-surfing compromises.ID_a4839f72_8692_4d11_b482_c7d052ff0b28Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_a5f005fa_787c_4d9c_979a_fe7c1faaf489Proceduralize the Data Classification ProcessMaintain a procedure by which sensitive or personal data is classified, and labelled.ID_a5f005fa_787c_4d9c_979a_fe7c1faaf489System.Compliance.ManualControlActivityProjection
ID_a819bfec_7f1e_4097_8762_963765509287Proceduralize Vendor Access ManagementMaintain a procedure to allow asset administrators to grant access to vendors for a required specified duration to conduct legitimate work by creating or enabling vendor accounts that are associated with the individuals performing the work.ID_a819bfec_7f1e_4097_8762_963765509287System.Compliance.ManualControlActivityProjection
ID_b0c61d31_19cd_41cd_8376_c032c2bd48a7Configure SNMP ParametersThis control activity guides the IT professional through a process to reconfigure default SNMP values to custom values.ID_b0c61d31_19cd_41cd_8376_c032c2bd48a7System.Compliance.ManualControlActivityProjection
ID_b4c87e61_288b_497d_94f1_4ea0e9c04d38Proceduralize Access Lock ManagementMaintain a procedure that allows asset administrators to remove access locks that are triggered by access attempt failures.ID_b4c87e61_288b_497d_94f1_4ea0e9c04d38System.Compliance.ManualControlActivityProjection
ID_ba5e521a_c23d_45e2_8949_f69a5673d92eLeast FunctionalityUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure operating system features and functionality to only those necessary and authorized by the organization, in order to narrow the operating system's attack surface.ID_ba5e521a_c23d_45e2_8949_f69a5673d92eMicrosoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_bab83781_60db_40b1_9e42_d6ab637d1e19Network ProtectionUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure anti-spoofing network settings within the operating system.ID_bab83781_60db_40b1_9e42_d6ab637d1e19Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_c5e879c9_262e_496e_8ff4_f17772b8b0bbProceduralize the Data Retention ProcessMaintain a procedure by which logs are retained for the period prescribed by your organization, default system documentation is removed, and demonstration applications are removed. Log Retention Configuration Default Documentation Removal Demonstration Application RemovalID_c5e879c9_262e_496e_8ff4_f17772b8b0bbSystem.Compliance.ManualControlActivityProjection
ID_c6e48909_953a_4d73_ac9e_cf2b73d11375Account LockUse the Win7SP1 Domain Security Compliance 1.0 baseline to configure user authentication to lock accounts after unsuccessful logon attempts in order to reduce the chance of brute-force attacks.ID_c6e48909_953a_4d73_ac9e_cf2b73d11375Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_cdde5033_32b0_47b9_833b_3fe0b37e4d0dProtocol ConfigurationUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure the local operating system protocol settings to ensure only authorized protocols are used and that their attack profiles are minimized.ID_cdde5033_32b0_47b9_833b_3fe0b37e4d0dMicrosoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_d5a00663_7ec6_49cc_aa32_ed4106bdc79aEvent LoggingUse the Win7SP1 Computer Security Compliance 1.0 baseline to configure the Event Log service to ensure that events relevant to compliance are recorded so that they may be used to investigate compliance violations.ID_d5a00663_7ec6_49cc_aa32_ed4106bdc79aMicrosoft.SystemCenter.ConfigurationManager.ControlActivityProjection
ID_e15cd04e_4245_4f93_9a76_e50ed2adbec8Configure Local Time and Clock ParametersThis control activity guides the IT professional through the process of configuring a Windows Server 2008 server as an authoritative time server.ID_e15cd04e_4245_4f93_9a76_e50ed2adbec8System.Compliance.ManualControlActivityProjection
ID_e9f8337e_27b9_4224_be66_6c77a72229f4Configure User Notification ParametersThis control activity guides the IT professional through the configuration of local operating system settings that control warning banners.ID_e9f8337e_27b9_4224_be66_6c77a72229f4System.Compliance.ManualControlActivityProjection
ID_ee195bb4_aaf6_4e3a_9566_f33f93013f68Proceduralize the Authorization of ServicesMaintain a procedure by which services are authorized for enablement.ID_ee195bb4_aaf6_4e3a_9566_f33f93013f68System.Compliance.ManualControlActivityProjection
ID_f8260793_1879_4513_b429_1939e9e41d23Configure Authentication TypesThis control activity guides the IT professional through configuration of two-factor authentication.ID_f8260793_1879_4513_b429_1939e9e41d23System.Compliance.ManualControlActivityProjection