The Ctrl+Alt+Del security attention sequence for logons must be enabled.

From Windows Server 2012/2012 R2 Member Server Security Technical Implementation Guide

Part of Ctrl+Alt+Del Security Attention Sequence

Associated with: CCI-000366

SV-52866r1_rule The Ctrl+Alt+Del security attention sequence for logons must be enabled.

Vulnerability discussion

Disabling the Ctrl+Alt+Del security attention sequence can compromise system security. Because only Windows responds to the Ctrl+Alt+Del security sequence, a user can be assured that any passwords entered following that sequence are sent only to Windows. If the sequence requirement is eliminated, malicious programs can request and receive a user's Windows password. Disabling this sequence also suppresses a custom logon banner.

Check content

If the following registry value does not exist or is not configured as specified, this is a finding: Registry Hive: HKEY_LOCAL_MACHINE Registry Path: \Software\Microsoft\Windows\CurrentVersion\Policies\System\ Value Name: DisableCAD Value Type: REG_DWORD Value: 0

Fix text

Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> "Interactive Logon: Do not require CTRL+ALT+DEL" to "Disabled".

Pro Tips

Lavender hyperlinks in small type off to the right (of CSS class id, if you view the page source) point to globally unique URIs for each document and item. Copy the link location and paste anywhere you need to talk unambiguously about these things.

You can obtain data about documents and items in other formats. Simply provide an HTTP header Accept: text/turtle or Accept: application/rdf+xml.

Powered by sagemincer