An error occurred:

Check: 3.011

Windows 2003 DC STIG: 3.011 (in version v6 r40)

Title

The required legal notice must be configured to display before console logon. (Cat II impact)

Discussion

Failure to display the logon banner prior to a logon attempt will negate legal proceedings resulting from unauthorized access to system resources.

Check Content

Fix Text

Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options ->“Interactive Logon: Message text for users attempting to log on” as outlined in the check.

Additional Identifiers

Rule ID: SV-29632r3_rule

Vulnerability ID: V-1089

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-000048

Display an organization-defined system use notification message or banner to users before granting access to the system that provides privacy and security notices consistent with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and guidelines.
CCI-000050

Retain the notification message or banner on the screen until users acknowledge the usage conditions and take explicit actions to log on to or further access the system.
CCI-001384

For publicly accessible systems, display system use information with organization-defined conditions before granting further access to the publicly accessible system.
CCI-001385

For publicly accessible systems, displays references, if any, to monitoring that are consistent with privacy accommodations for such systems that generally prohibit those activities.
CCI-001386

For publicly accessible systems, displays references, if any, to recording that are consistent with privacy accommodations for such systems that generally prohibit those activities.
CCI-001387

For publicly accessible systems, displays references, if any, to auditing that are consistent with privacy accommodations for such systems that generally prohibit those activities.
CCI-001388

For publicly accessible systems, includes a description of the authorized uses of the system.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
AC-8

System Use Notification