U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST SP 800-43 Update R1.2.3 Checklist Details (Checklist Revisions)

Checklist Highlights

Checklist Name:
NIST SP 800-43
Checklist ID:
65
Version:
Update R1.2.3
Type:
Compliance
Review Status:
Archived
Authority:
Governmental Authority: NIST, Computer Security Division
Original Publication Date:
01/27/2002

Checklist Summary:

The Systems Administration Guidance for Windows 2000 Professional publication is intended to assist the users and system administrators of Windows 2000 Professional systems in configuring their hosts by providing configuration templates and security checklists. The guide provides detailed information about the security features of Win2K Pro, security configuration guidelines for popular applications, and security configuration guidelines for the Win2K Pro operating system. The guide documents the methods that the system administrators can use to implement each security setting. The principal goal of the document is to recommend and explain tested secure settings for Win2K Pro workstations with the objective of simplifying the administrative burden of improving the security of Win2K Pro systems. This guidance document also includes recommendations for testing and configuring common Windows applications. The application types include electronic mail (e-mail) clients, Web browsers, productivity applications, and antivirus scanners. This list is not intended to be a complete list of applications to install on Windows 2000 Professional, nor does it imply NISTs endorsement of particular commercial off-the-shelf (COTS) products. Many of the configuration recommendations for the tested Windows applications focus on deterring viruses, worms, Trojan horses, and other types of malicious code. The guide presents recommendations to protect the Windows 2000 Professional system from malicious code when the tested applications are being used.

Checklist Role:

  • Client Desktop and Mobile Host

Known Issues:

Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. These recommendations should be applied only to the Windows 2000 Systems and will not work on Windows 9X/ME, Windows NT, Windows XP, Windows Server 2000 or Windows Server 2003. The security templates have been tested on 2000 Professional systems and will not work on Windows 9X/ME, Windows NT, Windows XP, Windows Server 2000 or Windows Server 2003. The security templates should not be used by home users and should be used with caution since it will restrict the functionality and reduce the usability of the system.

Target Audience:

This checklist has been created for IT professionals, particularly Windows 2000 system administrators and information security personnel. The document assumes that the reader has experience installing and administering Windows-based systems in domain or standalone configurations.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

The security templates have been tested on Windows 2000 Professional systems and will not work on Windows 9X/ME, Windows NT, Windows XP, Windows Server 2000 or Windows Server 2003. The recommended settings have been tested with the suite of applications described in section 10 of the NIST SP 800-43.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Refer to Known Issues.

Disclaimer:

Do not attempt to implement any of the settings in this guide without first testing them in a non-operational environment. NIST assumes no responsibility whatsoever for its use by other parties, and makes no guarantees, expressed or implied, about its quality, reliability, or any other characteristic. NIST would appreciate acknowledgement if the document and template are used.

Product Support:

Microsoft will provide best efforts support, in line with the customer�??�?�¢??s support contract, to assist in removing the worst results of such file and registry permissions, but Microsoft can only guarantee returning to the recommended out-of-the-box settings by reformatting and reinstalling the operating system.

Point of Contact:

itsec@nist.gov

Sponsor:

Jesper Johansson and Kirk Soluk, Microsoft Corporation

Licensing:

This document was developed at the National Institute of Standards and Technology, which collaborated with NSA, DISA, CIS, and Microsoft to produce the Windows XP security templates. Pursuant to title 17 Section 105 of the United States Code this document and template are not subject to copyright protection and is in the public domain.

Change History:

Security Templates (.inf files)
2002-11-19 - Release Version R1.2.3.
2002-01-28 - Draft Release Systems Administration

Guidance for Windows 2000 Professional document
2002-11-19 - Final version.
2002-01-28 - Draft version.

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 09/12/2014