| | DisplayName | Description | ID | Type |
|---|
 | Configure Password Attributes | Windows Server 2008 R2: This control activity guides the IT professional through configuration of password creation parameters within Group Policy to achieve the recommended state of security. | WS08R2_MCA_00004 | Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection |
| Configure Logging Attributes | Windows Server 2008 R2: This control activity guides the IT professional through configuration of the Event Log service to ensure availability and transactional integrity. | WS08R2_MCA_00039 | Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection |
| Manage Authentication Certificates | Windows Server 2008 R2: This control activity guides the IT professional through a configuration process to address the requirement that software must be validated through a software certificate prior to installation. Before you enable this setting, consider the impact to the environment and software configuration management practices. If this setting is enabled, all software installation will require a valid certificate. Review your software inventory before you enable this setting. When it is enabled, you will not be able to install any software that does not have a valid certificate. | WS08R2_MCA_00043 | Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection |
| Configure Authentication Types | Windows Server 2008 R2: This control activity guides the IT professional through configuration of two-factor authentication. | WS08R2_MCA_00044 | System.Compliance.ManualControlActivityProjection |
| Configure General Access Limitation through User Rights Assignments | Windows Server 2008 R2: This control activity guides the IT professional through configuration of settings that enforce user authentication prior to system access. | WS08R2_MCA_00045 | Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection |
| Configure Session Parameters | Windows Server 2008 R2: This control activity guides the IT professional through configuration of user sessions to force logoff when logon hours expire. | WS08R2_MCA_00047 | Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection |
| Configure Account Lock Parameters | Windows Server 2008 R2: This control activity guides the IT professional through configuration of user authentication to lock accounts after unsuccessful logon attempts. | WS08R2_MCA_00048 | Microsoft.SystemCenter.ConfigurationManager.ControlActivityProjection |
| Configure User Notification Parameters | Windows Server 2008 R2: This control activity guides the IT professional through the configuration of local operating system settings that control warning banners. | WS08R2_MCA_00050 | System.Compliance.ManualControlActivityProjection |
| Configure Local Firewall Parameters | Windows Server 2008 R2: This control activity guides the IT professional through configuration of the local operating system firewall. | WS08R2_MCA_00053 | System.Compliance.ManualControlActivityProjection |
| Configure SNMP Parameters | Windows Server 2008 R2: This control activity guides the IT professional through a process to reconfigure default SNMP values to custom values. | WS08R2_MCA_00054 | System.Compliance.ManualControlActivityProjection |
| Configure Network Security Parameters | Windows Server 2008 R2: This control activity guides the IT professional through configuring anti-spoofing network settings within the operating system. | WS08R2_MCA_00055 | System.Compliance.ManualControlActivityProjection |
| Configure Authorized Protocols | Windows Server 2008 R2: This control activity guides the IT professional through configuration of the local operating system protocol settings. | WS08R2_MCA_00057 | System.Compliance.ManualControlActivityProjection |
| Configure Data Backup Functionality | Windows Server 2008 R2: This control activity guides the IT professional through configuration of the local operating system data backup settings. | WS08R2_MCA_00062 | System.Compliance.ManualControlActivityProjection |
| Configure Encryption | Windows Server 2008 R2: This control activity guides the IT professional through configuring the use of FIPS-compliant protocols and algorithms within the operating system. | WS08R2_MCA_00064 | System.Compliance.ManualControlActivityProjection |
| Configure Local Time and Clock Parameters | Windows Server 2008 R2: This control activity guides the IT professional through the process of configuring a Windows Server 2008 R2 server as an authoritative time server.
| WS08R2_MCA_00066 | System.Compliance.ManualControlActivityProjection |
| Proceduralize Event Consolidation, Correlation, and Recreation through Logs | Windows Server 2008 R2: Consolidate, correlate, and recreate events using the Windows Event Log.
| WS08R2_MCA_00069 | System.Compliance.ManualControlActivityProjection |
| Proceduralize the Preservation of Original Log Files | Windows Server 2008 R2: Maintain a logging function of assets that creates reference copies of log files to support investigations without affecting original log files.
| WS08R2_MCA_00071 | System.Compliance.ManualControlActivityProjection |
| Proceduralize Capacity and Availability Monitoring | Windows Server 2008 R2: Monitor assets for capacity and availability thresholds, alert when thresholds are exceeded, and respond to alerts as required by your organization’s incident management process.
| WS08R2_MCA_00072 | System.Compliance.ManualControlActivityProjection |
| Proceduralize Error and Fault Logging | Windows Server 2008 R2: Monitor for qualified errors and faults within deployed assets.
| WS08R2_MCA_00073 | System.Compliance.ManualControlActivityProjection |
| Proceduralize Access Lock Management | Windows Server 2008 R2: Maintain a procedure that allows asset administrators to remove access locks that are triggered by access attempt failures.
| WS08R2_MCA_00075 | System.Compliance.ManualControlActivityProjection |
| Proceduralize Vendor Access Management | Windows Server 2008 R2: Maintain a procedure to allow asset administrators to grant access to vendors for a required specified duration to conduct legitimate work by creating or enabling vendor accounts that are associated with the individuals performing the work.
| WS08R2_MCA_00076 | System.Compliance.ManualControlActivityProjection |
| Proceduralize Remote Access Connectivity Management | Windows Server 2008 R2: Maintain a procedure to facilitate authorized remote access connectivity and to prevent unapproved remote access methods.
| WS08R2_MCA_00086 | System.Compliance.ManualControlActivityProjection |
| Proceduralize Log Service Availability Management | Windows Server 2008 R2: Maintain a procedure by which log service failure is detected and remediated within a specified timeframe or in accordance with a service level agreement.
| WS08R2_MCA_00098 | System.Compliance.ManualControlActivityProjection |
| Proceduralize the Monitoring of Access to Sensitive Data | Windows Server 2008 R2: Maintain a procedure to monitor access to sensitive data as defined by the organization's data classification or equivalent policy.
| WS08R2_MCA_00099 | System.Compliance.ManualControlActivityProjection |
| Log Meaningful Events | Windows Server 2008 R2: This control activity guides the IT professional through configuration of the Event Log service to ensure that events that are relevant to compliance are recorded. Such events include the creation/modification/deletion of files, directories, and user accounts.
| WS08R2_MCA_00106 | System.Compliance.ManualControlActivityProjection |
| Proceduralize the Limitation of Access to Logs | Windows Server 2008 R2: Maintain a procedure by which access to system logs are limited to authorized personnel.
| WS08R2_MCA_00121 | System.Compliance.ManualControlActivityProjection |
| Proceduralize the Configuration of System Security Parameters | Windows Server 2008 R2: Maintain a procedure by which operating system kernel security, system virtual memory clearing, and stack protection is managed.
| WS08R2_MCA_00122 | System.Compliance.ManualControlActivityProjection |
| Name Resolution | Windows Server 2008 R2: Maintain a procedure by which domain name service is configured to an authorized source, limited to authorized zone transfer recipients, and configured for redundancy.
| WS08R2_MCA_00123 | System.Compliance.ManualControlActivityProjection |
| Proceduralize the Data Classification Process | Windows Server 2008 R2: Maintain a procedure by which sensitive or personal data is classified, and labelled.
| WS08R2_MCA_00124 | System.Compliance.ManualControlActivityProjection |
| Proceduralize the Data Retention Process | Windows Server 2008 R2: Maintain a procedure by which logs are retained for the period prescribed by your organization, default system documentation is removed, and demonstration applications are removed.
Log Retention Configuration
Default Documentation Removal
Demonstration Application Removal | WS08R2_MCA_00125 | System.Compliance.ManualControlActivityProjection |
| Proceduralize the Authorization of Services | Windows Server 2008 R2: Maintain a procedure by which services are authorized for enablement.
| WS08R2_MCA_00126 | System.Compliance.ManualControlActivityProjection |
Home