Navigate

Check: 4.020

Windows 2003 DC STIG: 4.020 (in version v6 r40)

Title

The built-in guest account is not disabled. (Cat II impact)

Discussion

A system faces an increased vulnerability threat if the built-in guest account is not disabled. This account is a known account that exists on all Windows systems and cannot be deleted. This account is initialized during the installation of the operating system with no password assigned. This account is a member of the Everyone user group and has all the rights and permissions associated with that group, which could subsequently provide access to system resources to anonymous users.

Check Content

Fix Text

Configure the system to disable the built-in guest Account.

Additional Identifiers

Rule ID: SV-29655r1_rule

Vulnerability ID: V-1113

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000804	Uniquely identify and authenticate non-organizational users or processes acting on behalf of non-organizational users.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
IA-8	Identification and Authentication (non-organizational Users)