U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Checklist Program

National Checklist Program

NCP

  1. Checklist Repository

CIS Windows 2000 Server Level 2 Benchmark v2.2.1 Checklist Details (Checklist Revisions)

Supporting Resources:

Target:

Target CPE Name
Microsoft Windows Server 2000 cpe:/o:microsoft:windows_2000:-:-:server (View CVEs)

Checklist Highlights

Checklist Name:
CIS Windows 2000 Server Level 2 Benchmark
Checklist ID:
68
Version:
v2.2.1
Type:
Compliance
Review Status:
Final
Authority:
Third Party: Center for Internet Security (CIS)
Original Publication Date:
11/14/2004

Checklist Summary:

This document is a security benchmark for the Microsoft Windows 2000 operating system for servers. It reflects the content of the Consensus Baseline Security Settings document developed by the National Security Agency (NSA), the Defense Information Systems Agency (DISA), The National Institute of Standards and Technology (NIST), the General Services Administration (GSA), The SANS Institute, and the staff and members of the Center for Internet Security (CIS).

Checklist Role:

  • Server Operating System

Known Issues:

Not provided.

Target Audience:

Not provided.

Target Operational Environment:

  • Standalone
  • Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

Differs for Public and Private consumers, please read disclaimer information from the CIS web site located at: http://www.cisecurity.org/sub_form.html

Product Support:

Not provided.

Point of Contact:

cis-feedback@cisecurity.org

Sponsor:

Not provided.

Licensing:

Differs for Public and Private consumers, please read licensing information from the CIS web site located at: http://www.cisecurity.org/sub_form.html

Change History: 

	January 1, 2003 â?? Version 1.0 released to public.

August 13, 2003 â?? Version 1.01 Released.
- Modified to reflect new Terms of Use.

September 2, 2003 â?? Version 1.02 Released.
- Fixed description of 4.1.6 IIS Admin service.
- Changed value of entry at 3.2.2.14 as per http://support.microsoft.com/?kbid=315669.
- Corrected accompanying template to reflect proper service security.
- Corrected several file and registry permissions in accompanying security template.

April 2, 2004 â?? Version 2.1 Released.
- Changed setting 4.4.2.1 from HKCU to its synonymous setting HKLMSoftwareClasses
- Changed setting 4.2.15 to â??Not Applicableâ?�
- Changed setting 4.2.33 to â??Not Applicableâ?�
- Settings 4.2.12, 4.2.13, and 4.2.14 changed to â??Not Definedâ?� to allow users to customize.
- Changed setting 3.2.2.3.2 to â??Not Definedâ?�

April 16, 2004 â?? Version 2.1.1 Released.
Updated to reflect Service Pack 4 as current.

October 5, 2004 â?? Version 2.1.1 Released.
Fixed spelling of references to TCPMaxHalfOpenRetried.
Fixed reference to section 3.2.2.5.
Changed 4.2.15 to â??Not Definedâ?�.

Dependency/Requirements:

URL Description
http://www.microsoft.com/security Microsoft Windows Security
http://www.microsoft.com/technet/prodtechnol/winntas/tips/winntmag/inreg.mspx Windows NT Magazine article regarding editing the Registry
http://www.microsoft.com/windows2000/_downloads/critical/ Windows 2000 Server Reference Page

References:

Reference URL Description

NIST checklist record last modified on 07/23/2009