This Desktop Application Security Checklist provides the procedures for conducting a Security Readiness Review (SRR) to determine compliance with the requirements in the Desktop Application Security Technical Implementation Guide (STIG). This Checklist document must be used together with the corresponding version of the STIG document. This SRR guide focuses strictly on Symantec Antivirus Corporate Edition v9.x and v10.x, McAfee VirusScan v7.x and v8.x, Netscape Navigator, Internet Explorer, Outlook 2000, XP, 2003 and MS Office 2000, XP, 2003. Additionally, this checklist ensures that the site has properly installed and implemented specific desktop applications and that they are being managed in a way that is secure, efficient, and effective, through procedures outlined in the checklist. The items reviewed are based on standards and requirements published by DISA in the Security Handbook and the Database Security Technical Implementation Guide.
The procedures in this document are part of the effort to ensure that the security configuration guidelines required by Department of Defense (DOD) Directive 8500.1, Information Assurance, and other relevant guidance have been properly implemented.
- The user account from which Desktop Application Gold Disk is run must have Administrator privileges and have the User Right: Manage Auditing and Security Log.
- Only the configuration checks that are included in the Desktop Application Gold Disk (Internet Explorer and Microsoft Office) will be evaluated as part of the formal review process. The IAVMs and security patches included on the Desktop Gold Disk are not evaluated as part of the Desktop Application review because they are already covered in either the appropriate Windows Operating System Gold Disk or the appropriate Post Gold Disk Scripts. These will remain in the Desktop Application Gold Disk for the SAs' use.
Developed for the DOD.
This checklist has been created for IT professionals, particularly Windows system administrators and information security personnel. The document assumes that the reader has experience installing and administering applications on Windows-based systems in domain or standalone configurations.
- Specialized Security-Limited Functionality (SSLF)
DOD Directive 8500.
It should be noted that FSO Support for the STIGs, Checklists, and Tools is only available to DOD Customers.
Version 4, Release 3 26-October-2012
Version 4, Release 2 27-April-2012
Version 4, Release 1 03-December-2009
Version 4, Release 4 30-October-2014
Updated point of contact field
Updated Resource Title - 15 January 2015
Changed Status from "Under Review" to "Final" - 18 February 2015
Updated URL to reflect change to the DISA website - http --> https
Moved to archive status - 4/15/19
Updated URLs - 6/24/19
Updated URLs - 9/11/19
NIST checklist record last modified on 09/11/2019