Checklist Details for Windows 2000/XP/2003/Vista addendum Version 6, Release 1

(Checklist Revisions)

Checklist Highlights

Checklist Name:
Windows 2000/XP/2003/Vista addendum
Version 6, Release 1
Review Status:
Governmental Authority: Defense Information Systems Agency
Target Product:
Target Product CPE Name Product Category
Microsoft Windows Vista cpe:/o:microsoft:windows_vista (View CVEs)
  • Operating System
Microsoft Windows Server 2003 cpe:/o:microsoft:windows_2003_server (View CVEs)
  • Operating System
Microsoft Windows XP cpe:/o:microsoft:windows_xp (View CVEs)
  • Operating System
Microsoft Windows 2000 cpe:/o:microsoft:windows_2000 (View CVEs)
  • Operating System
Checklist Summary:
This Addendum to Microsoft's Windows 2003 Security Guide and NSA's Guides to Securing Windows 2000 and XP was developed to enhance the confidentiality, integrity, and availability of sensitive Department of Defense (DOD) Automated Information Systems (AISs) using the Windows 2003, 2000, and XP operating systems (OSs).This Addendum is coordinated with the following documents here after collectively known as the Windows Server 2003/XP/2000 Guides: - Microsoft Solutions for Security, Windows 2003 Security Guide, 2003 - Microsoft Solutions for Security, Threats and Countermeasures: Security Settings in Windows 2003 and Windows XP, 2003 - Microsoft Windows 2003 and XP Specialized Security Limited Functionality Templates - NSA Guide to Securing Windows 2000 Active Directory, December 2000, Version 1.0 - NSA Guide to Securing Windows 2000 Group Policy, September 2001, Version 1.1 - NSA Guide to Securing Windows 2000 Group Policy: Security Configuration Tool Set, December 2002, Version 1.2 - NSA Guide to Securing Windows 2000 File and Disk Resources, 19 April 2001, Version 1.0 - NSA Guide to Securing Windows XP, December 2003, Version 1.1 The Microsoft Windows 2003 and XP Specialized Security Limited Functionality Templates were developed through the combined efforts of Microsoft, NSA, NIST, DISA FSO, CIS, and other organizations (hereafter referred to as the Consensus Group). They provide a common set of security settings for organizations requiring a highly secure processing environment, such as found in DOD. Each site network/communications infrastructure must provide secure, available, and reliable data for all customers, especially the warfighter. This Addendum is designed to supplement the security guidance provided by the Windows Server 2003/XP/2000 Guides with DOD-specific requirements. This Addendum will assist sites in meeting the minimum requirements standards, controls, and options that must be in place for secure network operations. These minimum security requirements include compliance with the Windows Server 2003/XP/2000 Guides using the Specialized Security â?? Limited Functionality Templates and the additional requirements defined in this Addendum. Deviations or exceptions will be documented in the appropriate checklist.
Checklist Role:
  • Operating System
Known Issues:
This document is only a guide containing recommended security settings. It is not meant to replace well-structured policy or sound judgment. Furthermore, this guide does not address site-specific configuration issues. The security changes described in this document only apply to Microsoft Windows 2000, 2003 and XP systems and should not be applied to any other Windows versions or operating systems. You can severely impair or disable a Windows system with incorrect changes or accidental deletions when using programs (examples: Security Configuration Manager, Regedt32.exe, and Regedit.exe) to change the system configuration. Therefore, it is extremely important to test all settings recommended in this guide before installing them on an operational network.
Target Audience:
Developped for the DOD. Users of this guide should have a working knowledge of Windows 2000, 2003 and XP installation and basic system administration skills.
Target Operational Environment:
  • Managed
  • Specialized Security-Limited Functionality (SSLF)
Testing Information:
Not provided.
Regulatory Compliance:
DOD Directive 8500.
Refer to Known Issues.
Not provided.
Product Support:
It should be noted that FSO Support for the STIGs, Checklists, and Tools is only available to DOD Customers.
Point of Contact:
Not provided.
Not provided.
Change History:
Added point of contact
NIST checklist record last modified on 05/24/2016