Back

Disable Remote Server Manager unless Remote Server Manager is absolutely necessary.


CONTROL ID
04289
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Disable all unnecessary services unless otherwise noted in a policy exception., CC ID: 00880

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • For Windows 2003 Server, the organization must configure the permissions for Remote Server Manager (AppMgr) to Administrators: Full Control; System: Read; and System: Start, Stop, and Pause. (Table F-2, CMS Business Partners Systems Security Manual, Rev. 10)
  • The Remote Server Manager service should be disabled. The service should be documented if enabling it is required. (ยง 5.2.2.1, DISA Windows Server 2003 Security Checklist, Version 6 Release 1.11)