Checklist Summary:

This document, and associated STIGs, has set forth requirements based upon having a secured Windows environment as described in various other documents. These documents include various National Security Agency (NSA) guides (found at http://www.nsa.gov/snac/) and the Windows 2000/XP/2003/Vista Addendum available from the IASE web site (http://iase.disa.mil/). The superset of these requirements can be found in the appropriate Windows Checklist, which is also available from the IASE web site. Failure to follow these requirements can significantly diminish the value of many of the specifications in this document. Security controls that are managed through the underlying operating system platform directly affect the strength of the security that surrounds desktop applications. This section highlights some measures that are taken to increase that strength. This section of the document provides the following categories of information: Considerations for the terminology and content of this document Information relevant to general desktop application security that is not specific to an individual product Limited guidance on individual products or categories of products that are not covered in subsequent chapters

Checklist Role:

• Desktop Client

Known Issues:

Not provided.

Target Audience:

The requirements and recommendations set forth in this document will assist Information Assurance Officers (IAO) and Information Assurance Managers (IAMs) in protecting desktop applications in DoD locations hereafter referred to as sites. The responsible Configuration Control Board (CCB) will approve revisions to site systems that could have a security impact.

Target Operational Environment:

• Managed
• Specialized Security-Limited Functionality (SSLF)

Testing Information:

Although there are a few different operating system platforms for desktop environments, this document addresses applications running on Microsoft Windows platforms. This document does not include specific guidance for UNIX or Linux or Apple desktop environments at this time. The security requirements detailed in this document apply to applications installed on Microsoft Windows Server platforms as well as Microsoft Windows Workstation platforms. On server platforms, the security configuration parameters will be set to at least as restrictive values as those listed in this document.

Regulatory Compliance:

DoD Directive (DoDD) 8500.1

Comments/Warnings/Miscellaneous:

It must be noted that the guidelines specified should be evaluated in a local, representative test environment before implementation within large user populations. The extensive variety of environments makes it impossible to test these guidelines for all potential software configurations. For some environments, failure to test before implementation may lead to a loss of required functionality.

Disclaimer:

Not provided.

Product Support:

It should be noted that Field Security Operations (FSO) support for the STIGs, Checklists, and Tools is only available to DoD customers.

Point of Contact:

disa.stig_spt@mail.mil

Sponsor:

Not provided.

Licensing:

Not provided.

Change History:

Version 4, Release 3 - 27 April 2012
Version 4, Release 2 - 28 October 2011
Version 4, Release 1 - 09 December 2009 (initial release)
Updated "Point of Contact" - 16 January 2015
Corrected Title - 05/26/2017
Updated URL to reflect change to the DISA website - http --> https
moved to archive status - 4/15/19

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 04/15/2019