Title

The built-in guest account has not been renamed. (Cat II impact)

Discussion

A system faces an increased vulnerability threat if the built-in guest account is not renamed or disabled. The built-in guest account is a known user account on all Windows systems, and as initially installed, does not require a password. This can allow access to system resources by unauthorized users. This account is a member of the group Everyone and has all the rights and permissions associated with that group and could provide access to system resources to unauthorized users.

Check Content

Analyze the system using the Security Configuration and Analysis snap-in. Expand the Security Configuration and Analysis tree view. Navigate to Local Policies -> Security Options. If the value for “Accounts: Rename guest account” is not set to a value other than “Guest”, then this is a finding.

Fix Text

Configure the system to rename the built-in guest account

Additional Identifiers

Rule ID: SV-1114r1_rule

Vulnerability ID: V-1114

Group Title: Rename Built-in Guest Account

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.