Establish and maintain specific directory installation rules and domain controller installation rules.

CONTROL ID
01734

CONTROL TYPE
Establish/Maintain Documentation

CLASSIFICATION
Preventive

This Control directly supports the implied Control(s):

This Control has the following implementation support Control(s):

Configure the "Domain controller: Allow server operators to schedule tasks" setting., CC ID: 01735
Configure the "domain member: require strong (Windows 2000 or later) session key" setting., CC ID: 01738
Configure the "Enforce user logon restrictions" setting., CC ID: 04500
Configure the "Maximum lifetime for service ticket" setting., CC ID: 04501
Configure the "Maximum lifetime for user ticket" setting., CC ID: 04502
Configure the "Maximum lifetime for user ticket renewal" setting., CC ID: 04503
Configure the "Maximum tolerance for computer clock synchronization" setting., CC ID: 04504
Verify the Trusted Computing Base is installed, as appropriate., CC ID: 05589

When windows Internet Information Services is used for web services, is a dedicated virtual directory structure used for each website? (§ G.21.2.3, Shared Assessments Standardized Information Gathering Questionnaire - G. Communications and Operations Management, 7.0)
When windows Internet Information Services is used for web services, is the content folder on the same drive as the Operating System? (§ G.21.2.9, Shared Assessments Standardized Information Gathering Questionnaire - G. Communications and Operations Management, 7.0)
When Apache is used for web services, is a dedicated virtual directory structure used for each website? (§ G.21.3.4, Shared Assessments Standardized Information Gathering Questionnaire - G. Communications and Operations Management, 7.0)
Remote access server cards may not be installed and/or implemented on Windows domain controllers. (§ 4.2.1, DISA Secure Remote Computing Security Technical Implementation Guide, Version 1 Release 2)