Navigate

Check: WN12-00-000006

Microsoft Windows Server 2012/2012 R2 Member Server STIG: WN12-00-000006 (in versions v3 r7 through v2 r7)

Title

Policy must require that system administrators (SAs) be trained for the operating systems used by systems under their control. (Cat II impact)

Discussion

If SAs are assigned to systems running operating systems for which they have no training, these systems are at additional risk of unintentional misconfiguration that may result in vulnerabilities or decreased availability of the system.

Check Content

Determine whether the site has a policy that requires SAs be trained for all operating systems running on systems under their control. If the site does not have a policy requiring SAs be trained for all operating systems under their control, this is a finding.

Fix Text

Establish site policy that requires SAs be trained for all operating systems running on systems under their control.

Additional Identifiers

Rule ID: SV-225242r569185_rule

Vulnerability ID: V-225242

Group Title: SRG-OS-000480-GPOS-00227

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings