130 lines
3.7 KiB
PowerShell
130 lines
3.7 KiB
PowerShell
[AuditTest] @{
|
|
Id = "235"
|
|
Task = "(ND, NE) Configure 'Accounts: Rename administrator account'."
|
|
Test = {
|
|
$securityOption = Get-AuditResource "WindowsSecurityPolicy"
|
|
$setOption = $securityOption['System Access']["NewAdministratorName"]
|
|
|
|
if ($null -eq $setOption) {
|
|
return @{
|
|
Message = "Currently not set."
|
|
Status = "False"
|
|
}
|
|
}
|
|
if ($setOption -notmatch "^(?!.*\bAdministrator\b).*$") {
|
|
return @{
|
|
Message = "'NewAdministratorName' currently set to: $setOption."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "236"
|
|
Task = "(ND, NE) Ensure 'Accounts: Administrator account status' is set to 'Disabled'."
|
|
Test = {
|
|
$securityOption = Get-AuditResource "WindowsSecurityPolicy"
|
|
$setOption = $securityOption['System Access']["EnableAdminAccount"]
|
|
|
|
if ($null -eq $setOption) {
|
|
return @{
|
|
Message = "Currently not set."
|
|
Status = "False"
|
|
}
|
|
}
|
|
if ($setOption -ne 0) {
|
|
return @{
|
|
Message = "'EnableAdminAccount' currently set to: $setOption. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "237"
|
|
Task = "(ND, NE) Ensure 'Accounts: Guest account status' is set to 'Disabled'. "
|
|
Test = {
|
|
$securityOption = Get-AuditResource "WindowsSecurityPolicy"
|
|
$setOption = $securityOption['System Access']["EnableGuestAccount"]
|
|
|
|
if ($null -eq $setOption) {
|
|
return @{
|
|
Message = "Currently not set."
|
|
Status = "False"
|
|
}
|
|
}
|
|
if ($setOption -ne 0) {
|
|
return @{
|
|
Message = "'EnableGuestAccount' currently set to: $setOption. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "238"
|
|
Task = "(ND, NE) Configure 'Accounts: Rename guest account'."
|
|
Test = {
|
|
$securityOption = Get-AuditResource "WindowsSecurityPolicy"
|
|
$setOption = $securityOption['System Access']["NewGuestName"]
|
|
|
|
if ($null -eq $setOption) {
|
|
return @{
|
|
Message = "Currently not set."
|
|
Status = "False"
|
|
}
|
|
}
|
|
if ($setOption -notmatch "^(?i)(?!.*\b(?:Guest|Gast)\b).*$") {
|
|
return @{
|
|
Message = "'NewGuestName' currently set to: $setOption."
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
}
|
|
[AuditTest] @{
|
|
Id = "263"
|
|
Task = "(ND) Ensure 'Network access: Allow anonymous SID/Name translation' is set to 'Disabled'."
|
|
Test = {
|
|
$securityOption = Get-AuditResource "WindowsSecurityPolicy"
|
|
$setOption = $securityOption['System Access']["LSAAnonymousNameLookup"]
|
|
|
|
if ($null -eq $setOption) {
|
|
return @{
|
|
Message = "Currently not set."
|
|
Status = "False"
|
|
}
|
|
}
|
|
if ($setOption -ne 0) {
|
|
return @{
|
|
Message = "'LSAAnonymousNameLookup' currently set to: $setOption. Expected: 0"
|
|
Status = "False"
|
|
}
|
|
}
|
|
|
|
return @{
|
|
Message = "Compliant"
|
|
Status = "True"
|
|
}
|
|
}
|
|
} |