National Vulnerability Database

National Vulnerability Database

National Vulnerability

Windows 2000 Security Checklist Version 6, Release 1.19 Checklist Details (Checklist Revisions)

SCAP 1.0 Content:

Machine-Readable CCE to 800-53 Data Stream

Supporting Resources:


    Target CPE Name
    Microsoft Windows 2000 cpe:/o:microsoft:windows_2000 (View CVEs)

    Checklist Highlights

    Checklist Name:
    Windows 2000 Security Checklist
    Checklist ID:
    Version 6, Release 1.19
    Review Status:
    Governmental Authority: Defense Information Systems Agency
    Original Publication Date:

    Checklist Summary:

    The Microsoft Windows 2000 SRR targets conditions that undermine the integrity of security, contribute to inefficient security operations and administration, or may lead to interruption of production operations. Sites are required to secure the Microsoft Windows 2000 operating system in accordance with DOD Directive 8500.1, Section 4.18. The checks in this document were developed from DISA and NSA guidelines. Additionally, the review ensures the site has properly installed and implemented the Windows 2000 operating system and that it is being managed in a way that is secure, efficient, and effective. The items reviewed are based on standards and requirements published by DISA in the Security Handbook and other DoD Policy and regulations. This document is designed to instruct the reviewer on how to assess both the Professional and Member Server configurations in a mixed Windows NT 4/2000 domain. In addition, the security settings recommended can also be used to configure Group Policy in a Windows 2000 Active Directory environment.

    Checklist Role:

    • Desktop and Server Operating System

    Known Issues:

    - The vulnerabilities discussed in Sections 3 and 5 of this document are applicable to all versions of Windows 2000. To reduce the complexity of the manual procedures, however, these sections are designed around the Windows 2000 desktop. - The Access Control Lists (ACLs) on a system under review may differ from the recommendations specified in Appendix A. If the reviewed ACL is more restrictive, or if an equivalent user group is identified, there is no problem. If a specific application requires less restrictive settings, these must be documented with the site ISSO.

    Target Audience:

    Developed for the DOD. This document is intended for IAOs, SAs, IAMs, NSOs, and others who are responsible for the configuration, management, or support of information systems. It assumes that the reader has knowledge of the Windows 2000 operating system and is familiar with common computer terminology.

    Target Operational Environment:

    • Managed
    • Specialized Security-Limited Functionality (SSLF)

    Testing Information:

    Not provided.

    Regulatory Compliance:

    DOD Directive 8500.


    Not provided.


    Not provided.

    Product Support:

    It should be noted that FSO Support for the STIGs, Checklists, and Tools is only available to DOD Customers.

    Point of Contact:


    Not provided.


    Not provided.

    Change History:

    Added point of contact
    moved to archive status - 4/15/19


    URL Description


    Reference URL Description

    NIST checklist record last modified on 04/15/2019