Microsoft Windows Server 2012/2012 R2 Member Server STIG:
(in versions v3 r5 through v2 r7)
Security configuration tools or equivalent processes must be used to configure and maintain platforms for security compliance. (Cat III impact)
Security configuration tools such as Group Policies and Security Templates allow system administrators to consolidate security-related system settings into a single configuration file. These settings can then be applied consistently to any number of Windows machines.
Verify security configuration tools or equivalent processes are being used to configure Windows systems to meet security requirements. If security configuration tools or equivalent processes are not used, this is a finding. Security configuration tools that are integrated into Windows, such as Group Policies and Security Templates, may be used to configure platforms for security compliance. If an alternate method is used to configure a system (e.g., manually using the DISA Windows Security STIGs, etc.) and the same configured result is achieved, this is acceptable.
Implement a process using security configuration tools or the equivalent to configure Windows systems to meet security requirements.
Rule ID: SV-225250r569185_rule
Vulnerability ID: V-225250
Group Title: SRG-OS-000480-GPOS-00227
The organization implements the security configuration settings.