National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Windows Server 2012 / 2012 R2 STIG Version 2, Release 14 Checklist Details (Checklist Revisions)

SCAP 1.2 Content:

Machine-Readable CCE to 800-53 Data Stream

Supporting Resources:

Target:

Target CPE Name Product Category
Microsoft Windows Server 2012 R2 cpe:/o:microsoft:windows_server_2012:r2 (View CVEs)
    Microsoft Windows Server 2012 cpe:/o:microsoft:windows_server_2012:- (View CVEs)
    • Operating System

    Checklist Highlights

    Checklist Name:
    Windows Server 2012 / 2012 R2 STIG
    Checklist ID:
    560
    Version:
    Version 2, Release 14
    Type:
    Compliance
    Review Status:
    Under Review
    Authority:
    Governmental Authority: Defense Information Systems Agency
    Original Publication Date:
    04/28/2017
    Checklist Group:
    View

    Checklist Summary:

    The Windows Server 2012 / 2012 R2 Member Server Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus as well as Windows security guidance by Microsoft Corporation. This document is meant for use in conjunction with other applicable STIGs, including such topics as, Web Servers, Domain Name Service (DNS), and Database. Microsoft released Windows Server 2012 R2 as an update to Windows Server 2012, instead of a Service Pack as with previous Windows versions. Windows Server 2012 R2 changed some functionality as well as adding new functionality. Unless otherwise noted, the requirements in this STIG apply to both Windows Server 2012 and 2012 R2. Requirements that are applicable to a specific version are noted as such. The Windows Server 2012 / 2012 R2 Domain Controller Security Technical Implementation Guide (STIG) is published as a tool to improve the security of Department of Defense (DoD) information systems. The requirements were developed from DoD consensus as well as Windows security guidance by Microsoft Corporation. This document is meant for use in conjunction with other applicable STIGs, including such topics as, Active Directory Domain, Active Directory Forest, and Domain Name Service (DNS). Microsoft released Windows Server 2012 R2 as an update to Windows Server 2012, instead of a Service Pack as with previous Windows versions. Windows Server 2012 R2 changed some functionality as well as adding new functionality. Unless otherwise noted, the requirements in this STIG apply to both Windows Server 2012 and 2012 R2. Requirements that are applicable to a specific version are noted as such.

    Checklist Role:

    • Operating System

    Known Issues:

    No known issues

    Target Audience:

    This checklist is primarily for IT generalists, security specialists, network architects, and other IT professionals and consultants who plan application or infrastructure development and deployments of Windows 8 and BitLocker for both desktop and laptop client computers in an enterprise environment.

    Target Operational Environment:

    • Managed

    Testing Information:

    Not Provided

    Regulatory Compliance:

    DoD Instruction (DoDI) 8500.01

    Comments/Warnings/Miscellaneous:

    Not Provided

    Disclaimer:

    Not Provided

    Product Support:

    Microsoft Corporation will accept support calls for this checklist. secwish@microsoft.com

    Point of Contact:

    disa.stig_spt@mail.mil

    Sponsor:

    Not Provided

    Licensing:

    Not Provided

    Change History:

    Standalone and Benchmark Version 2, Release 2 - 07 August 2015
    Updated status from "Under Review" to "Final" - 30 June 2015
    Updated Information and Changed Status from "Candidate" to "Under Review" - 27 May 2015
    Changed status from "under review" to "final" - 14 September 2015
    Version 2, Release 3 - 29 October 2015
    Changed status from "Under Review" to "Final" - 17 December 2015
    5/2/2016 - Version 2, Release 4
    moved to FINAL - 6/7/2016
    updated to - v2, r5 - 07/22/2016
    Updated to FINAL - 09/12/2016
    Updated STIG to v2, r6 - 10/28/2016
    updated to FINAL - 12/07/2016
    Updated to Ver 2, Rel 7 - 01/27/2017
    Updated to FINAL - 03/13/2017
    Updated to Version 2, Release 8 - 04/28/2017
    Updated to FINAL - 05/30/2017
    null
    Updated URL to reflect change to the DISA website - http --> https
    Updated to FINAL - 09/07/2017
    Updated - 11/01/2017
    Updated to FINAL - 12/02/2017
    corrected resource title - 1/24/2018
    Updated to Version 2, Release 11 - 02/16/2018
    Updated to FINAL - 3/18/2018
    updated to Ver 2, Rel 12 - 4/25/18
    Updated to FINAL - 5/25/18
    updated to Version 2, Release 13 - 7/24/18
    Added GPOs - 8/6/18
    Updated to FINAL - 9/6/2018
    Updated to Version 2, Release 14 - 02/16/2018
    Corrected SHA for GPO file - 12/19/2018

    Dependency/Requirements:

    URL Description
    https://iasecontent.disa.mil/stigs/pdf/U_Windows_Server_2012_STIG_V2_Release_Memo.pdf Windows Server 2012 Release Memo

    References:

    Reference URL Description

    NIST checklist record last modified on 12/19/2018


    * This checklist is still undergoing review for inclusion into the NCP.