U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

Windows 2000 Security Checklist Version 6, Release 1.19 Checklist Details (Checklist Revisions)

SCAP 1.0 Content:

Supporting Resources:

Target:

Target CPE Name
Microsoft Windows 2000 cpe:/o:microsoft:windows_2000 (View CVEs)

Checklist Highlights

Checklist Name:
Windows 2000 Security Checklist
Checklist ID:
67
Version:
Version 6, Release 1.19
Type:
Compliance
Review Status:
Archived
Authority:
Governmental Authority: Defense Information Systems Agency
Original Publication Date:
08/27/2010

Checklist Summary:

The Microsoft Windows 2000 SRR targets conditions that undermine the integrity of security, contribute to inefficient security operations and administration, or may lead to interruption of production operations. Sites are required to secure the Microsoft Windows 2000 operating system in accordance with DOD Directive 8500.1, Section 4.18. The checks in this document were developed from DISA and NSA guidelines. Additionally, the review ensures the site has properly installed and implemented the Windows 2000 operating system and that it is being managed in a way that is secure, efficient, and effective. The items reviewed are based on standards and requirements published by DISA in the Security Handbook and other DoD Policy and regulations. This document is designed to instruct the reviewer on how to assess both the Professional and Member Server configurations in a mixed Windows NT 4/2000 domain. In addition, the security settings recommended can also be used to configure Group Policy in a Windows 2000 Active Directory environment.

Checklist Role:

  • Desktop and Server Operating System

Known Issues:

- The vulnerabilities discussed in Sections 3 and 5 of this document are applicable to all versions of Windows 2000. To reduce the complexity of the manual procedures, however, these sections are designed around the Windows 2000 desktop. - The Access Control Lists (ACLs) on a system under review may differ from the recommendations specified in Appendix A. If the reviewed ACL is more restrictive, or if an equivalent user group is identified, there is no problem. If a specific application requires less restrictive settings, these must be documented with the site ISSO.

Target Audience:

Developed for the DOD. This document is intended for IAOs, SAs, IAMs, NSOs, and others who are responsible for the configuration, management, or support of information systems. It assumes that the reader has knowledge of the Windows 2000 operating system and is familiar with common computer terminology.

Target Operational Environment:

  • Managed
  • Specialized Security-Limited Functionality (SSLF)

Testing Information:

Not provided.

Regulatory Compliance:

DOD Directive 8500.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Not provided.

Product Support:

It should be noted that FSO Support for the STIGs, Checklists, and Tools is only available to DOD Customers.

Point of Contact:

disa.stig_spt@mail.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History: 

Added point of contact
moved to archive status - 4/15/19

Dependency/Requirements:

URL Description

References:

Reference URL Description

NIST checklist record last modified on 04/15/2019