Navigate

Check: 4.039

windows 7 iavm: 4.039 (in version v1 r32)

Title

The built-in administrator account must be disabled. (Cat II impact)

Discussion

The built-in administrator account is a well-known account subject to attack. It also provides no accountability to individual administrators on a system. It must be disabled to prevent its use.

Check Content

Analyze the system using the Security Configuration and Analysis snap-in. Expand the Security Configuration and Analysis tree view. Navigate to Local Policies >> Security Options. If the value for "Accounts: Administrator account status" is not set to "Disabled", this is a finding.

Fix Text

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Accounts: Administrator account status" to "Disabled".

Additional Identifiers

Rule ID:

Vulnerability ID: V-16047

Group Title:

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000764	Uniquely identify and authenticate organizational users and associate that unique identification with processes acting on behalf of those users.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
IA-2	Identification and Authentication (organizational Users)