Check: WN12-GE-000005
Microsoft Windows Server 2012/2012 R2 Domain Controller STIG:
WN12-GE-000005
(in versions v3 r7 through v2 r20)
Title
Local volumes must use a format that supports NTFS attributes. (Cat I impact)
Discussion
The ability to set access permissions and auditing is critical to maintaining the security and proper access controls of a system. To support this, local volumes must be formatted using a file system that supports NTFS attributes.
Check Content
Open "Computer Management". Select "Disk Management" under "Storage". For each local volume, if the file system does not indicate "NTFS", this is a finding. "ReFS" (Resilient File System) is also acceptable and would not be a finding. “CSV” (Cluster Share Volumes) is also acceptable and would not be a finding. This does not apply to system partitions such as the Recovery and EFI System Partition.
Fix Text
Format local volumes to use NTFS or ReFS.
Additional Identifiers
Rule ID: SV-226239r794530_rule
Vulnerability ID: V-226239
Group Title: SRG-OS-000080-GPOS-00048
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000213 |
The information system enforces approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
Controls
Number | Title |
---|---|
AC-3 |
Access Enforcement |