ࡱ>  f2ɀ\pMatthew N. Wojcik Ba==xN%58X@"1Calibri1Calibri1Calibri1Calibri1Arial1Arial1Arial1Arial1Arial1 Arial1Arial1Calibri1 Calibri1 Arial1Calibri1Arial14Calibri1 Calibri1Calibri1Calibri1Calibri1,8Calibri18Calibri18Calibri1>Calibri14Calibri1<Calibri1<Arial1Arial1Calibri1?Calibri1h8Cambria1Calibri1 Calibri"$"#,##0_);\("$"#,##0\)!"$"#,##0_);[Red]\("$"#,##0\)""$"#,##0.00_);\("$"#,##0.00\)'""$"#,##0.00_);[Red]\("$"#,##0.00\)7*2_("$"* #,##0_);_("$"* \(#,##0\);_("$"* "-"_);_(@_).))_(* #,##0_);_(* \(#,##0\);_(* "-"_);_(@_)?,:_("$"* #,##0.00_);_("$"* \(#,##0.00\);_("$"* "-"??_);_(@_)6+1_(* #,##0.00_);_(* \(#,##0.00\);_(* "-"??_);_(@_)[$-409]General                                                                       ( (     ff  +  )  ,  *      P  P         `  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  1(d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d  (d (                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              (   (                                       ! a> "  (x@ @  (|@ @  (<@ @  (|@ @  (x@ @  (x@ @  (8@ @  (|@ @  x@ @  8@ @  x@ @  x@ @  8@ @  )8@ @  )x@ @  )x@ @  (x@ @  )x@ @  (4  (x@ @  ||MHNc}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-} 00\);_(*}-}  00\);_(*}-}  00\);_(*}-}  00\);_(*}-}  00\);_(*}-}  00\);_(*}-} 00\);_(*}-} 00\);_(*}A} 00\);_(*ef;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*ef;_(@_) }A} 00\);_(*ef ;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*L;_(@_) }A} 00\);_(*L ;_(@_) }A} 00\);_(*23;_(@_) }A} 00\);_(*23;_(@_) }A} 00\);_(*23;_(@_) }A} 00\);_(*23;_(@_) }A}  00\);_(*23;_(@_) }A}! 00\);_(*23 ;_(@_) }A}" 00\);_(*;_(@_) }A}# 00\);_(*;_(@_) }A}$ 00\);_(*;_(@_) }A}% 00\);_(*;_(@_) }A}& 00\);_(*;_(@_) }A}' 00\);_(* ;_(@_) }<}( 00\);_(* ;_(}A}) 00\);_(*;_(@_) }<}* 00\);_(*;_(}(}+00\);_(*}}- }00\);_(*;_(@_)    }}. 00\);_(*;_(@_) ??? ??? ??? ???}-}/ 00\);_(*}-}0 00\);_(*}-}1 00\);_(*}-}2 00\);_(*}(}3 00\);_(*}-}4 00\);_(*}A}5 a00\);_(*;_(@_) }A}6 00\);_(*;_(@_) }A}7 00\);_(*?;_(@_) }A}8 00\);_(*23;_(@_) }-}9 00\);_(*}}; ??v00\);_(*̙;_(@_)    }A}< }00\);_(*;_(@_) }A} e00\);_(*;_(@_) }<} e00\);_(*;_(}(}H 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(}+ 00\);_(*}(}- 00\);_(*}(}. 00\);_(*}(}/ 00\);_(*}(}0 00\);_(*}(}1 00\);_(*}(}2 00\);_(*}(}3 00\);_(*}(}4 00\);_(*}(}5 00\);_(*}(}6 00\);_(*}(}8 00\);_(*}(}9 00\);_(*}(}: 00\);_(*}(}; 00\);_(*}(}< 00\);_(*}(}= 00\);_(*}(}> 00\);_(*}(}? 00\);_(*}(}@ 00\);_(*}(}A 00\);_(*}(}C 00\);_(*}(}D 00\);_(*}(}E 00\);_(*}(}F 00\);_(*}(}G 00\);_(*}(}H 00\);_(*}(}I 00\);_(*}(}J 00\);_(*}(}K 00\);_(*}(}L 00\);_(*}(}N 00\);_(*}(}O 00\);_(*}(}P 00\);_(*}(}Q 00\);_(*}(}R 00\);_(*}(}S 00\);_(*}(}T 00\);_(*}(}U 00\);_(*}(}V 00\);_(*}(}W 00\);_(*}(}Y 00\);_(*}(}Z 00\);_(*}(}[ 00\);_(*}(}\ 00\);_(*}(}] 00\);_(*}(}^ 00\);_(*}(}_ 00\);_(*}(}` 00\);_(*}(}a 00\);_(*}(}b 00\);_(*}(}d 00\);_(*}(}e 00\);_(*}(}f 00\);_(*}(}  00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}(} 00\);_(*}-} 00\);_(*}(} 00\);_(*}(}  00\);_(*}(}  00\);_(*}(}  00\);_(*}(}  00\);_(*}}*}}1 00\);_(*;_(@_)    }}2 00\);_(*;_(   }}3 ???00\);_(*;_(??? ???  ???  ???}-}4 00\);_(*}-}6 00\);_(*}U}7 00\);_(*;_( }-}8 00\);_(* 20% - Accent1M 20% - Accent1 ef % 20% - Accent2M" 20% - Accent2 ef % 20% - Accent3M& 20% - Accent3 ef % 20% - Accent4M* 20% - Accent4 ef % 20% - Accent5M. 20% - Accent5 ef % 20% - Accent6M2 20% - Accent6  ef % 40% - Accent1M 40% - Accent1 L % 40% - Accent2M# 40% - Accent2 L渷 % 40% - Accent3M' 40% - Accent3 L % 40% - Accent4M+ 40% - Accent4 L % 40% - Accent5M/ 40% - Accent5 L % 40% - Accent6M3 40% - Accent6  Lմ % 60% - Accent1M 60% - Accent1 23 % 60% - Accent2M$ 60% - Accent2 23ږ % 60% - Accent3M( 60% - Accent3 23כ % 60% - Accent4M, 60% - Accent4 23 % 60% - Accent5M0 60% - Accent5 23 %! 60% - Accent6M4 60% - Accent6  23 % "Accent1AAccent1 O % #Accent2A!Accent2 PM % $Accent3A%Accent3 Y % %Accent4A)Accent4 d % &Accent5A-Accent5 K % 'Accent6A1Accent6  F %( Accent6 2@ Accent6 2  F )Bad9Bad  % *Bad 28Bad 2  +Blue Background@Blue Background  ,Bold- Calculation Calculation  }% . Check Cell Check Cell  %????????? ???/ Comma0( Comma [0]1&Currency2. Currency [0]3Excel Built-in Normal 1PExcel Built-in Normal 1 4Explanatory TextG5Explanatory Text % 5Good;Good  a%6 Heading 1G Heading 1 I}%O7 Heading 2G Heading 2 I}%?8 Heading 3G Heading 3 I}%239 Heading 49 Heading 4 I}%: Hyperlink 2 ;InputuInput ̙ ??v% < Linked CellK Linked Cell }% =Mine >Mine 10 ?Mine 11 @Mine 12 AMine 13 BMine 14 CMine 15 DMine 16 EMine 17 FMine 18 GMine 19 HMine 2I Mine 2 10J Mine 2 11K Mine 2 12L Mine 2 13M Mine 2 14N Mine 2 15O Mine 2 16P Mine 2 17Q Mine 2 18R Mine 2 19 SMine 2 2T Mine 2 20U Mine 2 21V Mine 2 22W Mine 2 23X Mine 2 24Y Mine 2 25Z Mine 2 26[ Mine 2 27\ Mine 2 28] Mine 2 29 ^Mine 2 3_ Mine 2 30` Mine 2 31a Mine 2 32b Mine 2 33c Mine 2 34d Mine 2 35e Mine 2 36f Mine 2 37g Mine 2 38h Mine 2 39 iMine 2 4j Mine 2 40k Mine 2 41l Mine 2 42m Mine 2 43n Mine 2 44o Mine 2 45p Mine 2 46q Mine 2 47r Mine 2 48s Mine 2 49 tMine 2 5u Mine 2 50v Mine 2 51w Mine 2 52x Mine 2 53y Mine 2 54 zMine 2 6 {Mine 2 7 |Mine 2 8 }Mine 2 9 ~Mine 20 Mine 21 Mine 22 Mine 23 Mine 24 Mine 25 Mine 26 Mine 27 Mine 28 Mine 29 Mine 3 Mine 30 Mine 31 Mine 32 Mine 33 Mine 34 Mine 35 Mine 36 Mine 37 Mine 38 Mine 39 Mine 4 Mine 40 Mine 41 Mine 42 Mine 43 Mine 44 Mine 45 Mine 46 Mine 47 Mine 48 Mine 49 Mine 5 Mine 50 Mine 51 Mine 52 Mine 53 Mine 54 Mine 6 Mine 7 Mine 8 Mine 9 My Normal NeutralANeutral  e% Neutral 2@ Neutral 2  e3Normal % Normal 10 Normal 10 2 Normal 109 Normal 109 2 Normal 109 3 Normal 11 Normal 110 Normal 110 2 Normal 110 3 Normal 12 Normal 127 Normal 127 2 Normal 13 Normal 135 Normal 135 2 Normal 136 Normal 136 2 Normal 137 Normal 137 2 Normal 138 Normal 138 2 Normal 139 Normal 139 2 Normal 14 Normal 140 Normal 140 2 Normal 143 Normal 143 2 Normal 144 Normal 144 2 Normal 15 Normal 16 Normal 17 Normal 18 Normal 19 Normal 2 Normal 2 10 Normal 2 10 2 Normal 2 11 Normal 2 12 Normal 2 13 Normal 2 14 Normal 2 15 Normal 2 16 Normal 2 17 Normal 2 18Normal 2 18 10Normal 2 18 10 2Normal 2 18 10 3Normal 2 18 11Normal 2 18 11 2Normal 2 18 12Normal 2 18 12 2Normal 2 18 13Normal 2 18 13 2Normal 2 18 14Normal 2 18 14 2Normal 2 18 15Normal 2 18 15 2Normal 2 18 16Normal 2 18 16 2Normal 2 18 17Normal 2 18 17 2Normal 2 18 18Normal 2 18 18 2Normal 2 18 19Normal 2 18 19 2 Normal 2 18 2Normal 2 18 20Normal 2 18 20 2Normal 2 18 21Normal 2 18 21 2Normal 2 18 22Normal 2 18 22 2Normal 2 18 23Normal 2 18 23 2Normal 2 18 24Normal 2 18 25Normal 2 18 26Normal 2 18 27 Normal 2 18 3Normal 2 18 3 2Normal 2 18 3 3 Normal 2 18 4Normal 2 18 4 2Normal 2 18 4 3 Normal 2 18 5Normal 2 18 5 2Normal 2 18 5 3 Normal 2 18 6Normal 2 18 6 2Normal 2 18 6 3 Normal 2 18 7Normal 2 18 7 2 Normal 2 18 7 3  Normal 2 18 8 Normal 2 18 8 2 Normal 2 18 8 3  Normal 2 18 9Normal 2 18 9 2Normal 2 18 9 3 Normal 2 19Normal 2 19 10Normal 2 19 10 2Normal 2 19 10 3Normal 2 19 11Normal 2 19 11 2Normal 2 19 12Normal 2 19 12 2Normal 2 19 13Normal 2 19 13 2Normal 2 19 14Normal 2 19 14 2Normal 2 19 15Normal 2 19 15 2Normal 2 19 16Normal 2 19 16 2 Normal 2 19 17!Normal 2 19 17 2"Normal 2 19 18#Normal 2 19 18 2$Normal 2 19 19%Normal 2 19 19 2& Normal 2 19 2'Normal 2 19 20(Normal 2 19 20 2)Normal 2 19 21*Normal 2 19 21 2+Normal 2 19 22,Normal 2 19 22 2-Normal 2 19 23.Normal 2 19 23 2/Normal 2 19 240Normal 2 19 251Normal 2 19 262Normal 2 19 273 Normal 2 19 34Normal 2 19 3 25Normal 2 19 3 36 Normal 2 19 47Normal 2 19 4 28Normal 2 19 4 39 Normal 2 19 5:Normal 2 19 5 2;Normal 2 19 5 3< Normal 2 19 6=Normal 2 19 6 2>Normal 2 19 6 3? Normal 2 19 7@Normal 2 19 7 2ANormal 2 19 7 3B Normal 2 19 8CNormal 2 19 8 2DNormal 2 19 8 3E Normal 2 19 9FNormal 2 19 9 2GNormal 2 19 9 3H Normal 2 26 Normal 2 2 I Normal 2 2 10J Normal 2 2 11K Normal 2 2 12L Normal 2 2 13M Normal 2 2 14N Normal 2 2 15O Normal 2 2 16P Normal 2 2 17Q Normal 2 2 18R Normal 2 2 19S Normal 2 2 2TNormal 2 2 2 10UNormal 2 2 2 10 2VNormal 2 2 2 10 3WNormal 2 2 2 11XNormal 2 2 2 11 2YNormal 2 2 2 11 3ZNormal 2 2 2 12[Normal 2 2 2 12 2\Normal 2 2 2 12 3]Normal 2 2 2 13^Normal 2 2 2 13 2_Normal 2 2 2 13 3`Normal 2 2 2 14aNormal 2 2 2 14 2bNormal 2 2 2 14 3cNormal 2 2 2 15dNormal 2 2 2 15 2eNormal 2 2 2 16fNormal 2 2 2 16 2gNormal 2 2 2 17hNormal 2 2 2 17 2iNormal 2 2 2 18jNormal 2 2 2 18 2kNormal 2 2 2 19lNormal 2 2 2 2mNormal 2 2 2 20nNormal 2 2 2 21oNormal 2 2 2 22pNormal 2 2 2 23qNormal 2 2 2 24rNormal 2 2 2 25sNormal 2 2 2 26tNormal 2 2 2 27uNormal 2 2 2 28vNormal 2 2 2 29wNormal 2 2 2 3xNormal 2 2 2 3 2yNormal 2 2 2 3 3zNormal 2 2 2 3 4{Normal 2 2 2 3 5|Normal 2 2 2 3 6}Normal 2 2 2 30~Normal 2 2 2 30 2Normal 2 2 2 31Normal 2 2 2 31 2Normal 2 2 2 32Normal 2 2 2 32 2Normal 2 2 2 33Normal 2 2 2 33 2Normal 2 2 2 34Normal 2 2 2 34 2Normal 2 2 2 35Normal 2 2 2 35 2Normal 2 2 2 36Normal 2 2 2 36 2Normal 2 2 2 37Normal 2 2 2 37 2Normal 2 2 2 38Normal 2 2 2 39Normal 2 2 2 4Normal 2 2 2 40Normal 2 2 2 41Normal 2 2 2 42Normal 2 2 2 43Normal 2 2 2 44Normal 2 2 2 45Normal 2 2 2 46Normal 2 2 2 47Normal 2 2 2 48Normal 2 2 2 48 2Normal 2 2 2 49Normal 2 2 2 5Normal 2 2 2 5 2Normal 2 2 2 5 3Normal 2 2 2 5 4Normal 2 2 2 50@Normal 2 2 2 50 Normal 2 2 2 50 2DNormal 2 2 2 50 2 Normal 2 2 2 50 3DNormal 2 2 2 50 3 Normal 2 2 2 50 4DNormal 2 2 2 50 4 Normal 2 2 2 50 5DNormal 2 2 2 50 5 Normal 2 2 2 50 6DNormal 2 2 2 50 6 Normal 2 2 2 50 7DNormal 2 2 2 50 7 Normal 2 2 2 50 8DNormal 2 2 2 50 8 Normal 2 2 2 51@Normal 2 2 2 51 Normal 2 2 2 52@Normal 2 2 2 52 Normal 2 2 2 53@Normal 2 2 2 53 Normal 2 2 2 54Normal 2 2 2 55Normal 2 2 2 56Normal 2 2 2 57Normal 2 2 2 58Normal 2 2 2 59Normal 2 2 2 6Normal 2 2 2 60Normal 2 2 2 7Normal 2 2 2 7 2Normal 2 2 2 7 3Normal 2 2 2 8Normal 2 2 2 8 2Normal 2 2 2 8 3Normal 2 2 2 9Normal 2 2 2 9 2Normal 2 2 2 9 3 Normal 2 2 20 Normal 2 2 21 Normal 2 2 22 Normal 2 2 23 Normal 2 2 24 Normal 2 2 25Normal 2 2 25 10Normal 2 2 25 10 2Normal 2 2 25 10 3Normal 2 2 25 11Normal 2 2 25 11 2Normal 2 2 25 12Normal 2 2 25 12 2Normal 2 2 25 13Normal 2 2 25 13 2Normal 2 2 25 14Normal 2 2 25 14 2Normal 2 2 25 15Normal 2 2 25 15 2Normal 2 2 25 16Normal 2 2 25 16 2Normal 2 2 25 17Normal 2 2 25 17 2Normal 2 2 25 18Normal 2 2 25 18 2Normal 2 2 25 19Normal 2 2 25 19 2Normal 2 2 25 2Normal 2 2 25 20Normal 2 2 25 20 2Normal 2 2 25 21Normal 2 2 25 21 2Normal 2 2 25 22Normal 2 2 25 22 2Normal 2 2 25 23Normal 2 2 25 23 2Normal 2 2 25 24Normal 2 2 25 25Normal 2 2 25 3Normal 2 2 25 3 2Normal 2 2 25 3 3Normal 2 2 25 4Normal 2 2 25 4 2Normal 2 2 25 4 3Normal 2 2 25 5Normal 2 2 25 5 2Normal 2 2 25 5 3Normal 2 2 25 6Normal 2 2 25 6 2Normal 2 2 25 6 3Normal 2 2 25 7Normal 2 2 25 7 2Normal 2 2 25 7 3Normal 2 2 25 8Normal 2 2 25 8 2Normal 2 2 25 8 3Normal 2 2 25 9Normal 2 2 25 9 2Normal 2 2 25 9 3 Normal 2 2 26 Normal 2 2 27 Normal 2 2 28Normal 2 2 28 10Normal 2 2 28 10 2Normal 2 2 28 11Normal 2 2 28 11 2Normal 2 2 28 12Normal 2 2 28 12 2Normal 2 2 28 13Normal 2 2 28 13 2Normal 2 2 28 14Normal 2 2 28 14 2Normal 2 2 28 15Normal 2 2 28 15 2Normal 2 2 28 16Normal 2 2 28 16 2Normal 2 2 28 17Normal 2 2 28 17 2 Normal 2 2 28 18 Normal 2 2 28 18 2 Normal 2 2 28 19 Normal 2 2 28 19 2 Normal 2 2 28 2Normal 2 2 28 2 2Normal 2 2 28 2 3Normal 2 2 28 20Normal 2 2 28 20 2Normal 2 2 28 21Normal 2 2 28 21 2Normal 2 2 28 22Normal 2 2 28 22 2Normal 2 2 28 3Normal 2 2 28 3 2Normal 2 2 28 3 3Normal 2 2 28 4Normal 2 2 28 4 2Normal 2 2 28 4 3Normal 2 2 28 5Normal 2 2 28 5 2Normal 2 2 28 5 3Normal 2 2 28 6 Normal 2 2 28 6 2!Normal 2 2 28 6 3"Normal 2 2 28 7#Normal 2 2 28 7 2$Normal 2 2 28 7 3%Normal 2 2 28 8&Normal 2 2 28 8 2'Normal 2 2 28 8 3(Normal 2 2 28 9)Normal 2 2 28 9 2*Normal 2 2 28 9 3+ Normal 2 2 29< Normal 2 2 29 , Normal 2 2 3- Normal 2 2 30< Normal 2 2 30 . Normal 2 2 31< Normal 2 2 31 / Normal 2 2 32< Normal 2 2 32 0 Normal 2 2 33< Normal 2 2 33 1 Normal 2 2 34< Normal 2 2 34 2 Normal 2 2 35< Normal 2 2 35 3 Normal 2 2 36< Normal 2 2 36 4 Normal 2 2 37< Normal 2 2 37 5 Normal 2 2 38< Normal 2 2 38 6 Normal 2 2 39< Normal 2 2 39 7 Normal 2 2 48 Normal 2 2 40< Normal 2 2 40 9 Normal 2 2 41< Normal 2 2 41 : Normal 2 2 42< Normal 2 2 42 ; Normal 2 2 43< Normal 2 2 43 < Normal 2 2 44< Normal 2 2 44 = Normal 2 2 45< Normal 2 2 45 > Normal 2 2 46< Normal 2 2 46 ? Normal 2 2 47< Normal 2 2 47 @ Normal 2 2 48< Normal 2 2 48 A Normal 2 2 49< Normal 2 2 49 B Normal 2 2 5C Normal 2 2 50< Normal 2 2 50 D Normal 2 2 51< Normal 2 2 51 E Normal 2 2 52< Normal 2 2 52 F Normal 2 2 53< Normal 2 2 53 G Normal 2 2 54< Normal 2 2 54 H Normal 2 2 55< Normal 2 2 55 I Normal 2 2 56< Normal 2 2 56 J Normal 2 2 57< Normal 2 2 57 K Normal 2 2 58< Normal 2 2 58 L Normal 2 2 59< Normal 2 2 59 M Normal 2 2 6N Normal 2 2 60< Normal 2 2 60 O Normal 2 2 61< Normal 2 2 61 P Normal 2 2 62< Normal 2 2 62 Q Normal 2 2 63< Normal 2 2 63 R Normal 2 2 64< Normal 2 2 64 S Normal 2 2 65< Normal 2 2 65 T Normal 2 2 66< Normal 2 2 66 U Normal 2 2 67< Normal 2 2 67 V Normal 2 2 68< Normal 2 2 68 W Normal 2 2 69< Normal 2 2 69 X Normal 2 2 7Y Normal 2 2 70< Normal 2 2 70 Z Normal 2 2 71< Normal 2 2 71 [ Normal 2 2 72< Normal 2 2 72 \ Normal 2 2 73< Normal 2 2 73 ] Normal 2 2 74< Normal 2 2 74 ^ Normal 2 2 75< Normal 2 2 75 _ Normal 2 2 76< Normal 2 2 76 ` Normal 2 2 77< Normal 2 2 77 a Normal 2 2 78< Normal 2 2 78 b Normal 2 2 79< Normal 2 2 79 c Normal 2 2 8d Normal 2 2 80< Normal 2 2 80 e Normal 2 2 85< Normal 2 2 85 f Normal 2 2 86< Normal 2 2 86 g Normal 2 2 9h Normal 2 20iNormal 2 20 10jNormal 2 20 10 2kNormal 2 20 10 3lNormal 2 20 11mNormal 2 20 11 2nNormal 2 20 12oNormal 2 20 12 2pNormal 2 20 13qNormal 2 20 13 2rNormal 2 20 14sNormal 2 20 14 2tNormal 2 20 15uNormal 2 20 15 2vNormal 2 20 16wNormal 2 20 16 2xNormal 2 20 17yNormal 2 20 17 2zNormal 2 20 18{Normal 2 20 18 2|Normal 2 20 19}Normal 2 20 19 2~ Normal 2 20 2Normal 2 20 20Normal 2 20 20 2Normal 2 20 21Normal 2 20 21 2Normal 2 20 22Normal 2 20 22 2Normal 2 20 23Normal 2 20 23 2Normal 2 20 24Normal 2 20 25Normal 2 20 26Normal 2 20 27 Normal 2 20 3Normal 2 20 3 2Normal 2 20 3 3 Normal 2 20 4Normal 2 20 4 2Normal 2 20 4 3 Normal 2 20 5Normal 2 20 5 2Normal 2 20 5 3 Normal 2 20 6Normal 2 20 6 2Normal 2 20 6 3 Normal 2 20 7Normal 2 20 7 2Normal 2 20 7 3 Normal 2 20 8Normal 2 20 8 2Normal 2 20 8 3 Normal 2 20 9Normal 2 20 9 2Normal 2 20 9 3 Normal 2 21Normal 2 21 10Normal 2 21 10 2Normal 2 21 10 3Normal 2 21 11Normal 2 21 11 2Normal 2 21 12Normal 2 21 12 2Normal 2 21 13Normal 2 21 13 2Normal 2 21 14Normal 2 21 14 2Normal 2 21 15Normal 2 21 15 2Normal 2 21 16Normal 2 21 16 2Normal 2 21 17Normal 2 21 17 2Normal 2 21 18Normal 2 21 18 2Normal 2 21 19Normal 2 21 19 2 Normal 2 21 2Normal 2 21 20Normal 2 21 20 2Normal 2 21 21Normal 2 21 21 2Normal 2 21 22Normal 2 21 22 2Normal 2 21 23Normal 2 21 23 2Normal 2 21 24Normal 2 21 25Normal 2 21 26Normal 2 21 27 Normal 2 21 3Normal 2 21 3 2Normal 2 21 3 3 Normal 2 21 4Normal 2 21 4 2Normal 2 21 4 3 Normal 2 21 5Normal 2 21 5 2Normal 2 21 5 3 Normal 2 21 6Normal 2 21 6 2Normal 2 21 6 3 Normal 2 21 7Normal 2 21 7 2Normal 2 21 7 3 Normal 2 21 8Normal 2 21 8 2Normal 2 21 8 3 Normal 2 21 9Normal 2 21 9 2Normal 2 21 9 3 Normal 2 22Normal 2 22 10Normal 2 22 10 2Normal 2 22 10 3Normal 2 22 11Normal 2 22 11 2Normal 2 22 12Normal 2 22 12 2Normal 2 22 13Normal 2 22 13 2Normal 2 22 14Normal 2 22 14 2Normal 2 22 15Normal 2 22 15 2Normal 2 22 16Normal 2 22 16 2Normal 2 22 17Normal 2 22 17 2Normal 2 22 18Normal 2 22 18 2Normal 2 22 19Normal 2 22 19 2 Normal 2 22 2Normal 2 22 20Normal 2 22 20 2Normal 2 22 21Normal 2 22 21 2Normal 2 22 22Normal 2 22 22 2Normal 2 22 23Normal 2 22 23 2Normal 2 22 24Normal 2 22 25Normal 2 22 26Normal 2 22 27 Normal 2 22 3Normal 2 22 3 2Normal 2 22 3 3 Normal 2 22 4Normal 2 22 4 2Normal 2 22 4 3 Normal 2 22 5Normal 2 22 5 2Normal 2 22 5 3 Normal 2 22 6Normal 2 22 6 2Normal 2 22 6 3 Normal 2 22 7Normal 2 22 7 2 Normal 2 22 7 3  Normal 2 22 8 Normal 2 22 8 2 Normal 2 22 8 3  Normal 2 22 9Normal 2 22 9 2Normal 2 22 9 3 Normal 2 23Normal 2 23 10Normal 2 23 10 2Normal 2 23 10 3Normal 2 23 11Normal 2 23 11 2Normal 2 23 12Normal 2 23 12 2Normal 2 23 13Normal 2 23 13 2Normal 2 23 14Normal 2 23 14 2Normal 2 23 15Normal 2 23 15 2Normal 2 23 16Normal 2 23 16 2 Normal 2 23 17!Normal 2 23 17 2"Normal 2 23 18#Normal 2 23 18 2$Normal 2 23 19%Normal 2 23 19 2& Normal 2 23 2'Normal 2 23 20(Normal 2 23 20 2)Normal 2 23 21*Normal 2 23 21 2+Normal 2 23 22,Normal 2 23 22 2-Normal 2 23 23.Normal 2 23 23 2/Normal 2 23 240Normal 2 23 251Normal 2 23 262Normal 2 23 273 Normal 2 23 34Normal 2 23 3 25Normal 2 23 3 36 Normal 2 23 47Normal 2 23 4 28Normal 2 23 4 39 Normal 2 23 5:Normal 2 23 5 2;Normal 2 23 5 3< Normal 2 23 6=Normal 2 23 6 2>Normal 2 23 6 3? Normal 2 23 7@Normal 2 23 7 2ANormal 2 23 7 3B Normal 2 23 8CNormal 2 23 8 2DNormal 2 23 8 3E Normal 2 23 9FNormal 2 23 9 2GNormal 2 23 9 3H Normal 2 24INormal 2 24 10JNormal 2 24 10 2KNormal 2 24 10 3LNormal 2 24 11MNormal 2 24 11 2NNormal 2 24 12ONormal 2 24 12 2PNormal 2 24 13QNormal 2 24 13 2RNormal 2 24 14SNormal 2 24 14 2TNormal 2 24 15UNormal 2 24 15 2VNormal 2 24 16WNormal 2 24 16 2XNormal 2 24 17YNormal 2 24 17 2ZNormal 2 24 18[Normal 2 24 18 2\Normal 2 24 19]Normal 2 24 19 2^ Normal 2 24 2_Normal 2 24 20`Normal 2 24 20 2aNormal 2 24 21bNormal 2 24 21 2cNormal 2 24 22dNormal 2 24 22 2eNormal 2 24 23fNormal 2 24 23 2gNormal 2 24 24hNormal 2 24 25iNormal 2 24 26jNormal 2 24 27k Normal 2 24 3lNormal 2 24 3 2mNormal 2 24 3 3n Normal 2 24 4oNormal 2 24 4 2pNormal 2 24 4 3q Normal 2 24 5rNormal 2 24 5 2sNormal 2 24 5 3t Normal 2 24 6uNormal 2 24 6 2vNormal 2 24 6 3w Normal 2 24 7xNormal 2 24 7 2yNormal 2 24 7 3z Normal 2 24 8{Normal 2 24 8 2|Normal 2 24 8 3} Normal 2 24 9~Normal 2 24 9 2Normal 2 24 9 3 Normal 2 25Normal 2 25 10Normal 2 25 10 2Normal 2 25 10 3Normal 2 25 11Normal 2 25 11 2Normal 2 25 12Normal 2 25 12 2Normal 2 25 13Normal 2 25 13 2Normal 2 25 14Normal 2 25 14 2Normal 2 25 15Normal 2 25 15 2Normal 2 25 16Normal 2 25 16 2Normal 2 25 17Normal 2 25 17 2Normal 2 25 18Normal 2 25 18 2Normal 2 25 19Normal 2 25 19 2 Normal 2 25 2Normal 2 25 20Normal 2 25 20 2Normal 2 25 21Normal 2 25 21 2Normal 2 25 22Normal 2 25 22 2Normal 2 25 23Normal 2 25 23 2Normal 2 25 24Normal 2 25 25Normal 2 25 26Normal 2 25 27 Normal 2 25 3Normal 2 25 3 2Normal 2 25 3 3 Normal 2 25 4Normal 2 25 4 2Normal 2 25 4 3 Normal 2 25 5Normal 2 25 5 2Normal 2 25 5 3 Normal 2 25 6Normal 2 25 6 2Normal 2 25 6 3 Normal 2 25 7Normal 2 25 7 2Normal 2 25 7 3 Normal 2 25 8Normal 2 25 8 2Normal 2 25 8 3 Normal 2 25 9Normal 2 25 9 2Normal 2 25 9 3 Normal 2 26Normal 2 26 10Normal 2 26 10 2Normal 2 26 10 3Normal 2 26 11Normal 2 26 11 2Normal 2 26 12Normal 2 26 12 2Normal 2 26 13Normal 2 26 13 2Normal 2 26 14Normal 2 26 14 2Normal 2 26 15Normal 2 26 15 2Normal 2 26 16Normal 2 26 16 2Normal 2 26 17Normal 2 26 17 2Normal 2 26 18Normal 2 26 18 2Normal 2 26 19Normal 2 26 19 2 Normal 2 26 2Normal 2 26 20Normal 2 26 20 2Normal 2 26 21Normal 2 26 21 2Normal 2 26 22Normal 2 26 22 2Normal 2 26 23Normal 2 26 23 2Normal 2 26 24Normal 2 26 25Normal 2 26 26Normal 2 26 27 Normal 2 26 3Normal 2 26 3 2Normal 2 26 3 3 Normal 2 26 4Normal 2 26 4 2Normal 2 26 4 3 Normal 2 26 5Normal 2 26 5 2Normal 2 26 5 3 Normal 2 26 6Normal 2 26 6 2Normal 2 26 6 3 Normal 2 26 7Normal 2 26 7 2Normal 2 26 7 3 Normal 2 26 8Normal 2 26 8 2Normal 2 26 8 3 Normal 2 26 9Normal 2 26 9 2Normal 2 26 9 3 Normal 2 27Normal 2 27 10Normal 2 27 10 2Normal 2 27 10 3Normal 2 27 11Normal 2 27 11 2Normal 2 27 12Normal 2 27 12 2Normal 2 27 13Normal 2 27 13 2Normal 2 27 14Normal 2 27 14 2Normal 2 27 15Normal 2 27 15 2Normal 2 27 16Normal 2 27 16 2Normal 2 27 17Normal 2 27 17 2Normal 2 27 18Normal 2 27 18 2Normal 2 27 19Normal 2 27 19 2 Normal 2 27 2Normal 2 27 20Normal 2 27 20 2 Normal 2 27 21 Normal 2 27 21 2 Normal 2 27 22 Normal 2 27 22 2 Normal 2 27 23Normal 2 27 23 2Normal 2 27 24Normal 2 27 25Normal 2 27 26Normal 2 27 27 Normal 2 27 3Normal 2 27 3 2Normal 2 27 3 3 Normal 2 27 4Normal 2 27 4 2Normal 2 27 4 3 Normal 2 27 5Normal 2 27 5 2Normal 2 27 5 3 Normal 2 27 6Normal 2 27 6 2Normal 2 27 6 3 Normal 2 27 7 Normal 2 27 7 2!Normal 2 27 7 3" Normal 2 27 8#Normal 2 27 8 2$Normal 2 27 8 3% Normal 2 27 9&Normal 2 27 9 2'Normal 2 27 9 3( Normal 2 28)Normal 2 28 10*Normal 2 28 10 2+Normal 2 28 10 3,Normal 2 28 11-Normal 2 28 11 2.Normal 2 28 12/Normal 2 28 12 20Normal 2 28 131Normal 2 28 13 22Normal 2 28 143Normal 2 28 14 24Normal 2 28 155Normal 2 28 15 26Normal 2 28 167Normal 2 28 16 28Normal 2 28 179Normal 2 28 17 2:Normal 2 28 18;Normal 2 28 18 2<Normal 2 28 19=Normal 2 28 19 2> Normal 2 28 2?Normal 2 28 20@Normal 2 28 20 2ANormal 2 28 21BNormal 2 28 21 2CNormal 2 28 22DNormal 2 28 22 2ENormal 2 28 23FNormal 2 28 23 2GNormal 2 28 24HNormal 2 28 25INormal 2 28 26JNormal 2 28 27K Normal 2 28 3LNormal 2 28 3 2MNormal 2 28 3 3N Normal 2 28 4ONormal 2 28 4 2PNormal 2 28 4 3Q Normal 2 28 5RNormal 2 28 5 2SNormal 2 28 5 3T Normal 2 28 6UNormal 2 28 6 2VNormal 2 28 6 3W Normal 2 28 7XNormal 2 28 7 2YNormal 2 28 7 3Z Normal 2 28 8[Normal 2 28 8 2\Normal 2 28 8 3] Normal 2 28 9^Normal 2 28 9 2_Normal 2 28 9 3` Normal 2 29a Normal 2 3b Normal 2 30cNormal 2 30 10dNormal 2 30 10 2eNormal 2 30 10 3fNormal 2 30 11gNormal 2 30 11 2hNormal 2 30 12iNormal 2 30 12 2jNormal 2 30 13kNormal 2 30 13 2lNormal 2 30 14mNormal 2 30 14 2nNormal 2 30 15oNormal 2 30 15 2pNormal 2 30 16qNormal 2 30 16 2rNormal 2 30 17sNormal 2 30 17 2tNormal 2 30 18uNormal 2 30 18 2vNormal 2 30 19wNormal 2 30 19 2x Normal 2 30 2yNormal 2 30 20zNormal 2 30 20 2{Normal 2 30 21|Normal 2 30 21 2}Normal 2 30 22~Normal 2 30 22 2Normal 2 30 23Normal 2 30 23 2Normal 2 30 24Normal 2 30 25Normal 2 30 26Normal 2 30 27 Normal 2 30 3Normal 2 30 3 2Normal 2 30 3 3 Normal 2 30 4Normal 2 30 4 2Normal 2 30 4 3 Normal 2 30 5Normal 2 30 5 2Normal 2 30 5 3 Normal 2 30 6Normal 2 30 6 2Normal 2 30 6 3 Normal 2 30 7Normal 2 30 7 2Normal 2 30 7 3 Normal 2 30 8Normal 2 30 8 2Normal 2 30 8 3 Normal 2 30 9Normal 2 30 9 2Normal 2 30 9 3 Normal 2 31Normal 2 31 10Normal 2 31 10 2Normal 2 31 10 3Normal 2 31 11Normal 2 31 11 2Normal 2 31 12Normal 2 31 12 2Normal 2 31 13Normal 2 31 13 2Normal 2 31 14Normal 2 31 14 2Normal 2 31 15Normal 2 31 15 2Normal 2 31 16Normal 2 31 16 2Normal 2 31 17Normal 2 31 17 2Normal 2 31 18Normal 2 31 18 2Normal 2 31 19Normal 2 31 19 2 Normal 2 31 2Normal 2 31 20Normal 2 31 20 2Normal 2 31 21Normal 2 31 21 2Normal 2 31 22Normal 2 31 22 2Normal 2 31 23Normal 2 31 23 2Normal 2 31 24Normal 2 31 25Normal 2 31 26Normal 2 31 27 Normal 2 31 3Normal 2 31 3 2Normal 2 31 3 3 Normal 2 31 4Normal 2 31 4 2Normal 2 31 4 3 Normal 2 31 5Normal 2 31 5 2Normal 2 31 5 3 Normal 2 31 6Normal 2 31 6 2Normal 2 31 6 3 Normal 2 31 7Normal 2 31 7 2Normal 2 31 7 3 Normal 2 31 8Normal 2 31 8 2Normal 2 31 8 3 Normal 2 31 9Normal 2 31 9 2Normal 2 31 9 3 Normal 2 32Normal 2 32 10Normal 2 32 10 2Normal 2 32 10 3Normal 2 32 11Normal 2 32 11 2Normal 2 32 12Normal 2 32 12 2Normal 2 32 13Normal 2 32 13 2Normal 2 32 14Normal 2 32 14 2Normal 2 32 15Normal 2 32 15 2Normal 2 32 16Normal 2 32 16 2Normal 2 32 17Normal 2 32 17 2Normal 2 32 18Normal 2 32 18 2Normal 2 32 19Normal 2 32 19 2 Normal 2 32 2Normal 2 32 20Normal 2 32 20 2Normal 2 32 21Normal 2 32 21 2Normal 2 32 22Normal 2 32 22 2Normal 2 32 23Normal 2 32 23 2Normal 2 32 24Normal 2 32 25Normal 2 32 26Normal 2 32 27 Normal 2 32 3Normal 2 32 3 2Normal 2 32 3 3 Normal 2 32 4Normal 2 32 4 2Normal 2 32 4 3 Normal 2 32 5Normal 2 32 5 2Normal 2 32 5 3 Normal 2 32 6Normal 2 32 6 2Normal 2 32 6 3 Normal 2 32 7Normal 2 32 7 2Normal 2 32 7 3 Normal 2 32 8Normal 2 32 8 2Normal 2 32 8 3 Normal 2 32 9Normal 2 32 9 2 Normal 2 32 9 3  Normal 2 33 Normal 2 33 10 Normal 2 33 10 2 Normal 2 33 10 3Normal 2 33 11Normal 2 33 11 2Normal 2 33 12Normal 2 33 12 2Normal 2 33 13Normal 2 33 13 2Normal 2 33 14Normal 2 33 14 2Normal 2 33 15Normal 2 33 15 2Normal 2 33 16Normal 2 33 16 2Normal 2 33 17Normal 2 33 17 2Normal 2 33 18Normal 2 33 18 2Normal 2 33 19Normal 2 33 19 2  Normal 2 33 2!Normal 2 33 20"Normal 2 33 20 2#Normal 2 33 21$Normal 2 33 21 2%Normal 2 33 22&Normal 2 33 22 2'Normal 2 33 23(Normal 2 33 23 2)Normal 2 33 24*Normal 2 33 25+Normal 2 33 26,Normal 2 33 27- Normal 2 33 3.Normal 2 33 3 2/Normal 2 33 3 30 Normal 2 33 41Normal 2 33 4 22Normal 2 33 4 33 Normal 2 33 54Normal 2 33 5 25Normal 2 33 5 36 Normal 2 33 67Normal 2 33 6 28Normal 2 33 6 39 Normal 2 33 7:Normal 2 33 7 2;Normal 2 33 7 3< Normal 2 33 8=Normal 2 33 8 2>Normal 2 33 8 3? Normal 2 33 9@Normal 2 33 9 2ANormal 2 33 9 3B Normal 2 34CNormal 2 34 10DNormal 2 34 10 2ENormal 2 34 10 3FNormal 2 34 11GNormal 2 34 11 2HNormal 2 34 12INormal 2 34 12 2JNormal 2 34 13KNormal 2 34 13 2LNormal 2 34 14MNormal 2 34 14 2NNormal 2 34 15ONormal 2 34 15 2PNormal 2 34 16QNormal 2 34 16 2RNormal 2 34 17SNormal 2 34 17 2TNormal 2 34 18UNormal 2 34 18 2VNormal 2 34 19WNormal 2 34 19 2X Normal 2 34 2YNormal 2 34 20ZNormal 2 34 20 2[Normal 2 34 21\Normal 2 34 21 2]Normal 2 34 22^Normal 2 34 22 2_Normal 2 34 23`Normal 2 34 23 2aNormal 2 34 24bNormal 2 34 25cNormal 2 34 26dNormal 2 34 27e Normal 2 34 3fNormal 2 34 3 2gNormal 2 34 3 3h Normal 2 34 4iNormal 2 34 4 2jNormal 2 34 4 3k Normal 2 34 5lNormal 2 34 5 2mNormal 2 34 5 3n Normal 2 34 6oNormal 2 34 6 2pNormal 2 34 6 3q Normal 2 34 7rNormal 2 34 7 2sNormal 2 34 7 3t Normal 2 34 8uNormal 2 34 8 2vNormal 2 34 8 3w Normal 2 34 9xNormal 2 34 9 2yNormal 2 34 9 3z Normal 2 35{Normal 2 35 10|Normal 2 35 10 2}Normal 2 35 10 3~Normal 2 35 11Normal 2 35 11 2Normal 2 35 12Normal 2 35 12 2Normal 2 35 13Normal 2 35 13 2Normal 2 35 14Normal 2 35 14 2Normal 2 35 15Normal 2 35 15 2Normal 2 35 16Normal 2 35 16 2Normal 2 35 17Normal 2 35 17 2Normal 2 35 18Normal 2 35 18 2Normal 2 35 19Normal 2 35 19 2 Normal 2 35 2Normal 2 35 20Normal 2 35 20 2Normal 2 35 21Normal 2 35 21 2Normal 2 35 22Normal 2 35 22 2Normal 2 35 23Normal 2 35 23 2Normal 2 35 24Normal 2 35 25Normal 2 35 26Normal 2 35 27 Normal 2 35 3Normal 2 35 3 2Normal 2 35 3 3 Normal 2 35 4Normal 2 35 4 2Normal 2 35 4 3 Normal 2 35 5Normal 2 35 5 2Normal 2 35 5 3 Normal 2 35 6Normal 2 35 6 2Normal 2 35 6 3 Normal 2 35 7Normal 2 35 7 2Normal 2 35 7 3 Normal 2 35 8Normal 2 35 8 2Normal 2 35 8 3 Normal 2 35 9Normal 2 35 9 2Normal 2 35 9 3 Normal 2 36 Normal 2 36 2Normal 2 36 2 10Normal 2 36 2 10 2Normal 2 36 2 11Normal 2 36 2 11 2Normal 2 36 2 12Normal 2 36 2 12 2Normal 2 36 2 13Normal 2 36 2 13 2Normal 2 36 2 14Normal 2 36 2 14 2Normal 2 36 2 15Normal 2 36 2 15 2Normal 2 36 2 16Normal 2 36 2 16 2Normal 2 36 2 17Normal 2 36 2 17 2Normal 2 36 2 18Normal 2 36 2 18 2Normal 2 36 2 19Normal 2 36 2 19 2Normal 2 36 2 2Normal 2 36 2 2 2Normal 2 36 2 2 3Normal 2 36 2 20Normal 2 36 2 20 2Normal 2 36 2 21Normal 2 36 2 21 2Normal 2 36 2 22Normal 2 36 2 22 2Normal 2 36 2 23Normal 2 36 2 24Normal 2 36 2 3Normal 2 36 2 3 2Normal 2 36 2 3 3Normal 2 36 2 4Normal 2 36 2 4 2Normal 2 36 2 4 3Normal 2 36 2 5Normal 2 36 2 5 2Normal 2 36 2 5 3Normal 2 36 2 6Normal 2 36 2 6 2Normal 2 36 2 6 3Normal 2 36 2 7Normal 2 36 2 7 2Normal 2 36 2 7 3Normal 2 36 2 8Normal 2 36 2 8 2Normal 2 36 2 8 3Normal 2 36 2 9Normal 2 36 2 9 2Normal 2 36 2 9 3 Normal 2 36 3 Normal 2 36 4 Normal 2 36 5 Normal 2 36 6 Normal 2 37 Normal 2 37 2Normal 2 37 2 10Normal 2 37 2 10 2Normal 2 37 2 11Normal 2 37 2 11 2Normal 2 37 2 12Normal 2 37 2 12 2Normal 2 37 2 13Normal 2 37 2 13 2Normal 2 37 2 14Normal 2 37 2 14 2Normal 2 37 2 15Normal 2 37 2 15 2Normal 2 37 2 16Normal 2 37 2 16 2Normal 2 37 2 17Normal 2 37 2 17 2Normal 2 37 2 18Normal 2 37 2 18 2Normal 2 37 2 19Normal 2 37 2 19 2Normal 2 37 2 2Normal 2 37 2 2 2Normal 2 37 2 2 3Normal 2 37 2 20Normal 2 37 2 20 2Normal 2 37 2 21Normal 2 37 2 21 2 Normal 2 37 2 22 Normal 2 37 2 22 2 Normal 2 37 2 23 Normal 2 37 2 24 Normal 2 37 2 3Normal 2 37 2 3 2Normal 2 37 2 3 3Normal 2 37 2 4Normal 2 37 2 4 2Normal 2 37 2 4 3Normal 2 37 2 5Normal 2 37 2 5 2Normal 2 37 2 5 3Normal 2 37 2 6Normal 2 37 2 6 2Normal 2 37 2 6 3Normal 2 37 2 7Normal 2 37 2 7 2Normal 2 37 2 7 3Normal 2 37 2 8Normal 2 37 2 8 2Normal 2 37 2 8 3Normal 2 37 2 9 Normal 2 37 2 9 2!Normal 2 37 2 9 3" Normal 2 37 3# Normal 2 37 4$ Normal 2 37 5% Normal 2 37 6& Normal 2 38' Normal 2 38 2(Normal 2 38 2 10)Normal 2 38 2 10 2*Normal 2 38 2 11+Normal 2 38 2 11 2,Normal 2 38 2 12-Normal 2 38 2 12 2.Normal 2 38 2 13/Normal 2 38 2 13 20Normal 2 38 2 141Normal 2 38 2 14 22Normal 2 38 2 153Normal 2 38 2 15 24Normal 2 38 2 165Normal 2 38 2 16 26Normal 2 38 2 177Normal 2 38 2 17 28Normal 2 38 2 189Normal 2 38 2 18 2:Normal 2 38 2 19;Normal 2 38 2 19 2<Normal 2 38 2 2=Normal 2 38 2 2 2>Normal 2 38 2 2 3?Normal 2 38 2 20@Normal 2 38 2 20 2ANormal 2 38 2 21BNormal 2 38 2 21 2CNormal 2 38 2 22DNormal 2 38 2 22 2ENormal 2 38 2 23FNormal 2 38 2 24GNormal 2 38 2 3HNormal 2 38 2 3 2INormal 2 38 2 3 3JNormal 2 38 2 4KNormal 2 38 2 4 2LNormal 2 38 2 4 3MNormal 2 38 2 5NNormal 2 38 2 5 2ONormal 2 38 2 5 3PNormal 2 38 2 6QNormal 2 38 2 6 2RNormal 2 38 2 6 3SNormal 2 38 2 7TNormal 2 38 2 7 2UNormal 2 38 2 7 3VNormal 2 38 2 8WNormal 2 38 2 8 2XNormal 2 38 2 8 3YNormal 2 38 2 9ZNormal 2 38 2 9 2[Normal 2 38 2 9 3\ Normal 2 39] Normal 2 39 2^Normal 2 39 2 10_Normal 2 39 2 10 2`Normal 2 39 2 11aNormal 2 39 2 11 2bNormal 2 39 2 12cNormal 2 39 2 12 2dNormal 2 39 2 13eNormal 2 39 2 13 2fNormal 2 39 2 14gNormal 2 39 2 14 2hNormal 2 39 2 15iNormal 2 39 2 15 2jNormal 2 39 2 16kNormal 2 39 2 16 2lNormal 2 39 2 17mNormal 2 39 2 17 2nNormal 2 39 2 18oNormal 2 39 2 18 2pNormal 2 39 2 19qNormal 2 39 2 19 2rNormal 2 39 2 2sNormal 2 39 2 2 2tNormal 2 39 2 2 3uNormal 2 39 2 20vNormal 2 39 2 20 2wNormal 2 39 2 21xNormal 2 39 2 21 2yNormal 2 39 2 22zNormal 2 39 2 22 2{Normal 2 39 2 23|Normal 2 39 2 24}Normal 2 39 2 3~Normal 2 39 2 3 2Normal 2 39 2 3 3Normal 2 39 2 4Normal 2 39 2 4 2Normal 2 39 2 4 3Normal 2 39 2 5Normal 2 39 2 5 2Normal 2 39 2 5 3Normal 2 39 2 6Normal 2 39 2 6 2Normal 2 39 2 6 3Normal 2 39 2 7Normal 2 39 2 7 2Normal 2 39 2 7 3Normal 2 39 2 8Normal 2 39 2 8 2Normal 2 39 2 8 3Normal 2 39 2 9Normal 2 39 2 9 2Normal 2 39 2 9 3 Normal 2 4 Normal 2 40Normal 2 40 10Normal 2 40 10 2Normal 2 40 11Normal 2 40 11 2Normal 2 40 12Normal 2 40 12 2Normal 2 40 13Normal 2 40 13 2Normal 2 40 14Normal 2 40 14 2Normal 2 40 15Normal 2 40 15 2Normal 2 40 16Normal 2 40 16 2Normal 2 40 17Normal 2 40 17 2Normal 2 40 18Normal 2 40 18 2Normal 2 40 19Normal 2 40 19 2 Normal 2 40 2Normal 2 40 2 2Normal 2 40 2 3Normal 2 40 20Normal 2 40 20 2Normal 2 40 21Normal 2 40 21 2Normal 2 40 22Normal 2 40 22 2Normal 2 40 23Normal 2 40 24 Normal 2 40 3Normal 2 40 3 2Normal 2 40 3 3 Normal 2 40 4Normal 2 40 4 2Normal 2 40 4 3 Normal 2 40 5Normal 2 40 5 2Normal 2 40 5 3 Normal 2 40 6Normal 2 40 6 2Normal 2 40 6 3 Normal 2 40 7Normal 2 40 7 2Normal 2 40 7 3 Normal 2 40 8Normal 2 40 8 2Normal 2 40 8 3 Normal 2 40 9Normal 2 40 9 2Normal 2 40 9 3 Normal 2 41Normal 2 41 10Normal 2 41 10 2Normal 2 41 11Normal 2 41 11 2Normal 2 41 12Normal 2 41 12 2Normal 2 41 13Normal 2 41 13 2Normal 2 41 14Normal 2 41 14 2Normal 2 41 15Normal 2 41 15 2Normal 2 41 16Normal 2 41 16 2Normal 2 41 17Normal 2 41 17 2Normal 2 41 18Normal 2 41 18 2Normal 2 41 19Normal 2 41 19 2 Normal 2 41 2Normal 2 41 2 2Normal 2 41 2 3Normal 2 41 20Normal 2 41 20 2Normal 2 41 21Normal 2 41 21 2Normal 2 41 22Normal 2 41 22 2 Normal 2 41 3Normal 2 41 3 2Normal 2 41 3 3 Normal 2 41 4Normal 2 41 4 2Normal 2 41 4 3 Normal 2 41 5Normal 2 41 5 2Normal 2 41 5 3 Normal 2 41 6Normal 2 41 6 2Normal 2 41 6 3 Normal 2 41 7Normal 2 41 7 2Normal 2 41 7 3 Normal 2 41 8Normal 2 41 8 2Normal 2 41 8 3 Normal 2 41 9Normal 2 41 9 2Normal 2 41 9 3 Normal 2 42 Normal 2 43 Normal 2 44 Normal 2 45 Normal 2 46 Normal 2 47 Normal 2 48 Normal 2 49 Normal 2 5 Normal 2 50 Normal 2 51 Normal 2 52 Normal 2 6 Normal 2 7  Normal 2 8  Normal 2 808 Normal 2 80   Normal 2 9  Normal 20  Normal 21 Normal 22 Normal 23 Normal 24 Normal 25 Normal 26 Normal 27 Normal 28 Normal 29 Normal 3 Normal 3 10 Normal 3 11 Normal 3 12 Normal 3 13 Normal 3 14 Normal 3 15 Normal 3 16 Normal 3 17 Normal 3 18  Normal 3 19! Normal 3 2" Normal 3 20# Normal 3 21$ Normal 3 22% Normal 3 23& Normal 3 24' Normal 3 25( Normal 3 26) Normal 3 27* Normal 3 28+ Normal 3 29, Normal 3 3- Normal 3 30. Normal 3 4/ Normal 3 50 Normal 3 61 Normal 3 72 Normal 3 83 Normal 3 94 Normal 305 Normal 316 Normal 327 Normal 338 Normal 349 Normal 35: Normal 36; Normal 37< Normal 38= Normal 39 >Normal 4? Normal 40@ Normal 41A Normal 42B Normal 43C Normal 44D Normal 45E Normal 46F Normal 47G Normal 48H Normal 49 INormal 5J Normal 50K Normal 51L Normal 52M Normal 53N Normal 54O Normal 55P Normal 56Q Normal 57R Normal 58S Normal 59 TNormal 6U Normal 6 2V Normal 6 2 10WNormal 6 2 10 2XNormal 6 2 10 3Y Normal 6 2 11ZNormal 6 2 11 2[ Normal 6 2 12\Normal 6 2 12 2] Normal 6 2 13^Normal 6 2 13 2_ Normal 6 2 14`Normal 6 2 14 2a Normal 6 2 15bNormal 6 2 15 2c Normal 6 2 16dNormal 6 2 16 2e Normal 6 2 17fNormal 6 2 17 2g Normal 6 2 18hNormal 6 2 18 2i Normal 6 2 19jNormal 6 2 19 2k Normal 6 2 2l Normal 6 2 20mNormal 6 2 20 2n Normal 6 2 21oNormal 6 2 21 2p Normal 6 2 22qNormal 6 2 22 2r Normal 6 2 23sNormal 6 2 23 2t Normal 6 2 24u Normal 6 2 25v Normal 6 2 26w Normal 6 2 27x Normal 6 2 3yNormal 6 2 3 2zNormal 6 2 3 3{ Normal 6 2 4|Normal 6 2 4 2}Normal 6 2 4 3~ Normal 6 2 5Normal 6 2 5 2Normal 6 2 5 3 Normal 6 2 6Normal 6 2 6 2Normal 6 2 6 3 Normal 6 2 7Normal 6 2 7 2Normal 6 2 7 3 Normal 6 2 8Normal 6 2 8 2Normal 6 2 8 3 Normal 6 2 9Normal 6 2 9 2Normal 6 2 9 3 Normal 6 3 Normal 60 Normal 61 Normal 62 Normal 63 Normal 64 Normal 65 Normal 66 Normal 67 Normal 68 Normal 69 Normal 7 108 Normal 7 10  Normal 7 118 Normal 7 11  Normal 7 128 Normal 7 12  Normal 7 138 Normal 7 13  Normal 7 148 Normal 7 14  Normal 7 158 Normal 7 15  Normal 7 168 Normal 7 16  Normal 7 178 Normal 7 17  Normal 7 188 Normal 7 18  Normal 7 198 Normal 7 19  Normal 7 2 Normal 7 2 10 Normal 7 2 11 Normal 7 2 12 Normal 7 2 13 Normal 7 2 14 Normal 7 2 15 Normal 7 2 16 Normal 7 2 17 Normal 7 2 18 Normal 7 2 19 Normal 7 2 2Normal 7 2 2 2Normal 7 2 2 3Normal 7 2 2 4Normal 7 2 2 5Normal 7 2 2 6 Normal 7 2 20 Normal 7 2 21 Normal 7 2 22 Normal 7 2 23 Normal 7 2 24 Normal 7 2 25 Normal 7 2 26 Normal 7 2 27 Normal 7 2 28 Normal 7 2 29 Normal 7 2 3 Normal 7 2 30 Normal 7 2 31 Normal 7 2 32 Normal 7 2 33 Normal 7 2 34 Normal 7 2 35 Normal 7 2 36 Normal 7 2 37 Normal 7 2 38 Normal 7 2 39 Normal 7 2 4 Normal 7 2 40 Normal 7 2 41 Normal 7 2 42 Normal 7 2 43 Normal 7 2 44 Normal 7 2 45 Normal 7 2 46 Normal 7 2 47 Normal 7 2 48< Normal 7 2 48 Normal 7 2 48 2@Normal 7 2 48 2 Normal 7 2 48 3@Normal 7 2 48 3 Normal 7 2 48 4@Normal 7 2 48 4 Normal 7 2 48 5@Normal 7 2 48 5 Normal 7 2 48 6@Normal 7 2 48 6 Normal 7 2 48 7@Normal 7 2 48 7 Normal 7 2 48 8@Normal 7 2 48 8  Normal 7 2 49< Normal 7 2 49  Normal 7 2 5 Normal 7 2 50< Normal 7 2 50  Normal 7 2 51< Normal 7 2 51  Normal 7 2 52 Normal 7 2 53 Normal 7 2 54 Normal 7 2 55 Normal 7 2 56 Normal 7 2 57 Normal 7 2 6 Normal 7 2 7 Normal 7 2 8 Normal 7 2 9 Normal 7 208 Normal 7 20  Normal 7 218 Normal 7 21  Normal 7 228 Normal 7 22  Normal 7 238 Normal 7 23  Normal 7 248 Normal 7 24  Normal 7 258 Normal 7 25  Normal 7 268 Normal 7 26  Normal 7 278 Normal 7 27  Normal 7 288 Normal 7 28  Normal 7 298 Normal 7 29  Normal 7 3 Normal 7 308 Normal 7 30  Normal 7 318 Normal 7 31  Normal 7 328 Normal 7 32  Normal 7 338 Normal 7 33  Normal 7 348 Normal 7 34  Normal 7 358 Normal 7 35  Normal 7 368 Normal 7 36  Normal 7 378 Normal 7 37  Normal 7 388 Normal 7 38  Normal 7 398 Normal 7 39  Normal 7 4 Normal 7 408 Normal 7 40  Normal 7 418 Normal 7 41  Normal 7 428 Normal 7 42  Normal 7 438 Normal 7 43  Normal 7 448 Normal 7 44  Normal 7 458 Normal 7 45  Normal 7 468 Normal 7 46  Normal 7 478 Normal 7 47  Normal 7 488 Normal 7 48  Normal 7 498 Normal 7 49  Normal 7 5; Normal 7 5 % Normal 7 508 Normal 7 50   Normal 7 51  Normal 7 66 Normal 7 6   Normal 7 76 Normal 7 7   Normal 7 86 Normal 7 8   Normal 7 96 Normal 7 9  Normal 70 Normal 71 Normal 72 Normal 73 Normal 74 Normal 75 Normal 76 Normal 76 2 Normal 77 Normal 78 Normal 78 2 Normal 79 Normal 8 Normal 80 Normal 81 Normal 82 Normal 83 Normal 84  Normal 85! Normal 86" Normal 87# Normal 88$ Normal 89 %Normal 9& Normal 9 2' Normal 9 3( Normal 9 4) Normal 90* Normal 91+ Normal 92, Normal 93- Normal 94. Normal 95/ Normal 960 Normal 97 1Noteb Note   2Note 2fNote 2   3OutputwOutput  ???%????????? ???4$Percent 5Style 1 6Title1Title I}% 7TotalMTotal %OO8 Warning Text? Warning Text %XTableStyleMedium2PivotStyleLight16`uwin2k88 CCE IDCCE DescriptionCCE ParametersCCE Technical MechanismsaWindows Server 2008 Security Guide Spreadsheet (Windows Server 2008 Security Guide Settings.xls) CCE-1841-6gAuditing of "Security System Extension" events on success should be enabled or disabled as appropriate.(1) enabled/disabled(1) via auditpol#System / Security System Extension CCE-2348-1^Auditing of "System Integrity" events on success should be enabled or disabled as appropriate.System / System Integrity CCE-2608-8ZAuditing of "IPsec Driver" events on success should be enabled or disabled as appropriate.System / IPsec Driver CCE-2022-2aAuditing of "Other System Events" events on success should be enabled or disabled as appropriate.System / Other System Events CCE-2414-1cAuditing of "Security State Change" events on success should be enabled or disabled as appropriate.System / Security State Change CCE-2441-4SAuditing of "Logon" events on success should be enabled or disabled as appropriate.Logon/Logoff / Logon CCE-2569-2TAuditing of "Logoff" events on success should be enabled or disabled as appropriate.Logon/Logoff / Logoff CCE-2110-5]Auditing of "Account Lockout" events on success should be enabled or disabled as appropriate.Logon/Logoff / Account Lockout CCE-2260-8]Auditing of "IPsec Main Mode" events on success should be enabled or disabled as appropriate.Logon/Logoff / IPsec Main Mode CCE-2064-4^Auditing of "IPsec Quick Mode" events on success should be enabled or disabled as appropriate. Logon/Logoff / IPsec Quick Mode CCE-2350-7aAuditing of "IPsec Extended Mode" events on success should be enabled or disabled as appropriate.#Logon/Logoff / IPsec Extended Mode CCE-2610-4[Auditing of "Special Logon" events on success should be enabled or disabled as appropriate.Logon/Logoff / Special Logon CCE-2615-3gAuditing of "Other Logon/Logoff Events" events on success should be enabled or disabled as appropriate.)Logon/Logoff / Other Logon/Logoff Events CCE-2373-9cAuditing of "Network Policy Server" events on success should be enabled or disabled as appropriate.%Logon/Logoff / Network Policy Server CCE-2531-2YAuditing of "File System" events on success should be enabled or disabled as appropriate.Object Access / File System CCE-2553-6VAuditing of "Registry" events on success should be enabled or disabled as appropriate.Object Access / Registry CCE-2417-4[Auditing of "Kernel Object" events on success should be enabled or disabled as appropriate.Object Access / Kernel Object CCE-2465-3QAuditing of "SAM" events on success should be enabled or disabled as appropriate.Object Access / SAM CCE-2095-8dAuditing of "Certification Services" events on success should be enabled or disabled as appropriate.'Object Access / Certification Services CCE-2368-9cAuditing of "Application Generated" events on success should be enabled or disabled as appropriate.&Object Access / Application Generated CCE-2408-3aAuditing of "Handle Manipulation" events on success should be enabled or disabled as appropriate.$Object Access / Handle Manipulation CCE-2601-3XAuditing of "File Share" events on success should be enabled or disabled as appropriate.Object Access / File Share CCE-2482-8lAuditing of "Filtering Platform Packet Drop" events on success should be enabled or disabled as appropriate./Object Access / Filtering Platform Packet Drop CCE-2504-9kAuditing of "Filtering Platform Connection" events on success should be enabled or disabled as appropriate..Object Access / Filtering Platform Connection CCE-2033-9hAuditing of "Other Object Access Events" events on success should be enabled or disabled as appropriate.+Object Access / Other Object Access Events CCE-2205-3eAuditing of "Sensitive Privilege Use" events on success should be enabled or disabled as appropriate.(Privilege Use / Sensitive Privilege Use CCE-2104-8iAuditing of "Non Sensitive Privilege Use" events on success should be enabled or disabled as appropriate.,Privilege Use / Non Sensitive Privilege Use CCE-2386-1hAuditing of "Other Privilege Use Events" events on success should be enabled or disabled as appropriate.+Privilege Use / Other Privilege Use Events CCE-2518-9aAuditing of "Process Termination" events on success should be enabled or disabled as appropriate.(Detailed Tracking / Process Termination CCE-2522-1\Auditing of "DPAPI Activity" events on success should be enabled or disabled as appropriate.#Detailed Tracking / DPAPI Activity CCE-2544-5XAuditing of "RPC Events" events on success should be enabled or disabled as appropriate.Detailed Tracking / RPC Events CCE-2002-4^Auditing of "Process Creation" events on success should be enabled or disabled as appropriate.%Detailed Tracking / Process Creation CCE-2433-1aAuditing of "Audit Policy Change" events on success should be enabled or disabled as appropriate.$Policy Change / Audit Policy Change CCE-2566-8jAuditing of "Authentication Policy Change" events on success should be enabled or disabled as appropriate.-Policy Change / Authentication Policy Change CCE-2570-0iAuditing of "Authorization Policy Change" events on success should be enabled or disabled as appropriate.,Policy Change / Authorization Policy Change CCE-2464-6mAuditing of "MPSSVC Rule-Level Policy Change" events on success should be enabled or disabled as appropriate.0Policy Change / MPSSVC Rule-Level Policy Change CCE-2614-6nAuditing of "Filtering Platform Policy Change" events on success should be enabled or disabled as appropriate.1Policy Change / Filtering Platform Policy Change CCE-2385-3hAuditing of "Other Policy Change Events" events on success should be enabled or disabled as appropriate.+Policy Change / Other Policy Change Events CCE-2394-5eAuditing of "User Account Management" events on success should be enabled or disabled as appropriate.-Account Management / User Account Management CCE-2288-9iAuditing of "Computer Account Management" events on success should be enabled or disabled as appropriate.1Account Management / Computer Account Management CCE-2443-0gAuditing of "Security Group Management" events on success should be enabled or disabled as appropriate./Account Management / Security Group Management CCE-1642-8kAuditing of "Distribution Group Management" events on success should be enabled or disabled as appropriate.3Account Management / Distribution Group Management CCE-2468-7jAuditing of "Application Group Management" events on success should be enabled or disabled as appropriate.2Account Management / Application Group Management CCE-2485-1mAuditing of "Other Account Management Events" events on success should be enabled or disabled as appropriate.5Account Management / Other Account Management Events CCE-2367-1fAuditing of "Directory Service Access" events on success should be enabled or disabled as appropriate.%DS Access / Directory Service Access CCE-2635-1gAuditing of "Directory Service Changes" events on success should be enabled or disabled as appropriate.&DS Access / Directory Service Changes CCE-2534-6kAuditing of "Directory Service Replication" events on success should be enabled or disabled as appropriate.*DS Access / Directory Service Replication CCE-2556-9tAuditing of "Detailed Directory Service Replication" events on success should be enabled or disabled as appropriate.3DS Access / Detailed Directory Service Replication CCE-2586-6mAuditing of "Kerberos Authentication Service" events on success should be enabled or disabled as appropriate.0Account Logon / Kerberos Authentication Service CCE-2463-8eAuditing of "Credential Validation" events on success should be enabled or disabled as appropriate.&Account Logon /Credential Validation CCE-2405-9pAuditing of "Kerberos Service Ticket Operations" events on success should be enabled or disabled as appropriate.3Account Logon / Kerberos Service Ticket Operations CCE-1678-2hAuditing of "Other < Account Logon Events" events on success should be enabled or disabled as appropriate.+Account Logon / Other Account Logon Events CCE-2545-2gAuditing of "Security System Extension" events on failure should be enabled or disabled as appropriate. CCE-2440-6^Auditing of "System Integrity" events on failure should be enabled or disabled as appropriate. CCE-2351-5ZAuditing of "IPsec Driver" events on failure should be enabled or disabled as appropriate. CCE-2193-1aAuditing of "Other System Events" events on failure should be enabled or disabled as appropriate. CCE-2448-9cAuditing of "Security State Change" events on failure should be enabled or disabled as appropriate. CCE-2470-3SAuditing of "Logon" events on failure should be enabled or disabled as appropriate. CCE-2616-1TAuditing of "Logoff" events on failure should be enabled or disabled as appropriate. CCE-1889-5]Auditing of "Account Lockout" events on failure should be enabled or disabled as appropriate. CCE-2409-1]Auditing of "IPsec Main Mode" events on failure should be enabled or disabled as appropriate. CCE-2536-1^Auditing of "IPsec Quick Mode" events on failure should be enabled or disabled as appropriate. CCE-2267-3aAuditing of "IPsec Extended Mode" events on failure should be enabled or disabled as appropriate. CCE-2558-5[Auditing of "Special Logon" events on failure should be enabled or disabled as appropriate. CCE-1968-7gAuditing of "Other Logon/Logoff Events" events on failure should be enabled or disabled as appropriate. CCE-2575-9cAuditing of "Network Policy Server" events on failure should be enabled or disabled as appropriate. CCE-2488-5YAuditing of "File System" events on failure should be enabled or disabled as appropriate. CCE-2505-6VAuditing of "Registry" events on failure should be enabled or disabled as appropriate. CCE-2195-6[Auditing of "Kernel Object" events on failure should be enabled or disabled as appropriate. CCE-1961-2QAuditing of "SAM" events on failure should be enabled or disabled as appropriate. CCE-2358-0dAuditing of "Certification Services" events on failure should be enabled or disabled as appropriate. CCE-2622-9cAuditing of "Application Generated" events on failure should be enabled or disabled as appropriate. CCE-2503-1aAuditing of "Handle Manipulation" events on failure should be enabled or disabled as appropriate. CCE-2402-6XAuditing of "File Share" events on failure should be enabled or disabled as appropriate. CCE-2292-1lAuditing of "Filtering Platform Packet Drop" events on failure should be enabled or disabled as appropriate. CCE-2437-2kAuditing of "Filtering Platform Connection" events on failure should be enabled or disabled as appropriate. CCE-2583-3hAuditing of "Other Object Access Events" events on failure should be enabled or disabled as appropriate. CCE-2349-9eAuditing of "Sensitive Privilege Use" events on failure should be enabled or disabled as appropriate.enabled/disabled CCE-2605-4iAuditing of "Non Sensitive Privilege Use" events on failure should be enabled or disabled as appropriate. CCE-2371-3hAuditing of "Other Privilege Use Events" events on failure should be enabled or disabled as appropriate. CCE-2389-5aAuditing of "Process Termination" events on failure should be enabled or disabled as appropriate. CCE-2604-7\Auditing of "DPAPI Activity" events on failure should be enabled or disabled as appropriate. CCE-2498-4XAuditing of "RPC Events" events on failure should be enabled or disabled as appropriate. CCE-2375-4^Auditing of "Process Creation" events on failure should be enabled or disabled as appropriate. CCE-2269-9aAuditing of "Audit Policy Change" events on failure should be enabled or disabled as appropriate. CCE-2151-9jAuditing of "Authentication Policy Change" events on failure should be enabled or disabled as appropriate. CCE-2459-6iAuditing of "Authorization Policy Change" events on failure should be enabled or disabled as appropriate. CCE-2353-1mAuditing of "MPSSVC Rule-Level Policy Change" events on failure should be enabled or disabled as appropriate. CCE-2490-1nAuditing of "Filtering Platform Policy Change" events on failure should be enabled or disabled as appropriate. CCE-1759-0hAuditing of "Other Policy Change Events" events on failure should be enabled or disabled as appropriate. CCE-2411-7eAuditing of "User Account Management" events on failure should be enabled or disabled as appropriate. CCE-2415-8iAuditing of "Computer Account Management" events on failure should be enabled or disabled as appropriate. CCE-2560-1gAuditing of "Security Group Management" events on failure should be enabled or disabled as appropriate. CCE-2273-1kAuditing of "Distribution Group Management" events on failure should be enabled or disabled as appropriate. CCE-2542-9jAuditing of "Application Group Management" events on failure should be enabled or disabled as appropriate. CCE-2062-8mAuditing of "Other Account Management Events" events on failure should be enabled or disabled as appropriate. CCE-1926-5fAuditing of "Directory Service Access" events on failure should be enabled or disabled as appropriate. CCE-2445-5gAuditing of "Directory Service Changes" events on failure should be enabled or disabled as appropriate. CCE-1718-6kAuditing of "Directory Service Replication" events on failure should be enabled or disabled as appropriate. CCE-2489-3tAuditing of "Detailed Directory Service Replication" events on failure should be enabled or disabled as appropriate. CCE-2511-4mAuditing of "Kerberos Authentication Service" events on failure should be enabled or disabled as appropriate. CCE-2516-3eAuditing of "Credential Validation" events on failure should be enabled or disabled as appropriate. CCE-2291-3pAuditing of "Kerberos Service Ticket Operations" events on failure should be enabled or disabled as appropriate. CCE-2564-3hAuditing of "Other Account Logon Events" events on failure should be enabled or disabled as appropriate. CCE-2251-7gAuditing of "Audit account logon events" events on sucess should be enabled or disabled as appropriate.v(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit account logon events pComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit account logon events CCE-2211-1eAuditing of "Audit account management" events on sucess should be enabled or disabled as appropriate.t(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit account management nComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit account management CCE-2215-2kAuditing of "Audit directory service access" events on sucess should be enabled or disabled as appropriate.z(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit directory service access tComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit directory service access CCE-2242-6_Auditing of "Audit logon events" events on sucess should be enabled or disabled as appropriate.n(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit logon events hComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit logon events CCE-2136-0`Auditing of "Audit object access" events on sucess should be enabled or disabled as appropriate.o(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit object access iComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit object access CCE-2268-1`Auditing of "Audit policy change" events on sucess should be enabled or disabled as appropriate.o(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit policy change iComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit policy change< CCE-2035-4`Auditing of "Audit privilege use" events on sucess should be enabled or disabled as appropriate.o(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit privilege use iComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit privilege use CCE-2295-4cAuditing of "Audit process tracking" events on sucess should be enabled or disabled as appropriate.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit process tracking (2) Audit Policy security settings are not registry keys. lComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit process tracking CCE-1837-4`Auditing of "Audit system events" events on sucess should be enabled or disabled as appropriate.o(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit system events iComputer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit system events CCE-1779-8hAuditing of "Audit account logon events" events on failure should be enabled or disabled as appropriate. CCE-2538-7fAuditing of "Audit account management" events on failure should be enabled or disabled as appropriate. CCE-2582-5lAuditing of "Audit directory service access" events on failure should be enabled or disabled as appropriate. CCE-2574-2`Auditing of "Audit logon events" events on failure should be enabled or disabled as appropriate. CCE-2217-8aAuditing of "Audit object access" events on failure should be enabled or disabled as appropriate. CCE-2512-2aAuditing of "Audit policy change" events on failure should be enabled or disabled as appropriate. CCE-2265-7aAuditing of "Audit privilege use" events on failure should be enabled or disabled as appropriate. CCE-1895-2dAuditing of "Audit process tracking" events on failure should be enabled or disabled as appropriate.q(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Audit Policy/Audit process tracking CCE-1939-8aAuditing of "Audit system events" events on failure should be enabled or disabled as appropriate. CCE-2026-3[The "Access credential Manager as a trusted caller" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Access credential Manager as a trusted callerComputer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Access credential Manager as a trusted caller CCE-2075-0iThe "Access this computer from the network (SeNetworkLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Access this computer from the network (SeNetworkLogonRight)Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Access this computer from the network (SeNetworkLogonRight) CCE-2079-2bThe "Act as part of the operating system (SeTcbPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Act as part of the operating system (SeTcbPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Act as part of the operating system (SeTcbPrivilege) CCE-2246-7HThe "Add workstations to domain" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Add workstations to domain zComputer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Add workstations to domain CCE-2004-0kThe "Adjust memory quotas for a process (SeIncreaseQuotaPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Adjust memory quotas for a process (SeIncreaseQuotaPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Adjust memory quotas for a process (SeIncreaseQuotaPrivilege) CCE-2286-3BThe "Allow log on locally" setting should be configured correctly.y(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Allow log on locally tComputer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Allow log on locally CCE-2308-5tThe "Allow log on through Terminal Services (SeRemoteInteractiveLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Allow log on through Terminal Services (SeRemoteInteractiveLogonRight) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Allow log on through Terminal Services (SeRemoteInteractiveLogonRight) CCE-1321-9_The "Back up files and directories (SeBackupPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Back up files and directories (SeBackupPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Back up files and directories (SeBackupPrivilege) CCE-2285-5`The "Bypass traverse checking (SeChangeNotifyPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Bypass traverse checking (SeChangeNotifyPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Bypass traverse checking (SeChangeNotifyPrivilege) CCE-2290-5\The "Change the system time (SeSystemTimePrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Change the system time (SeSystemTimePrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Change the system time (SeSystemTimePrivilege) CCE-2171-7BThe "Change the time zone" setting should be configured correctly.y(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Change the time zone tComputer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Change the time zone CCE-1328-4[The "Create a pagefile (SeCreatePagefilePrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create a pagefile (SeCreatePagefilePrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create a pagefile (SeCreatePagefilePrivilege) CCE-1491-0\The "Create a token object (SeCreateTokenPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create a token object (SeCreateTokenPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create a token object (SeCreateTokenPrivilege) CCE-2226-9]The "Create global objects (SeCreateGlobalPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create global objects (SeCreateGlobalPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create global objects (SeCreateGlobalPrivilege) CCE-1341-7MThe "Create permanent shared objects" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create permanent shared objects Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create permanent shared objects CCE-2305-1< CThe "Create symbolic links" setting should be configured correctly.z(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create symbolic links uComputer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Create symbolic links CCE-2310-1OThe "Debug programs (SeDebugPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Debug programs (SeDebugPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Debug programs (SeDebugPrivilege) CCE-2314-3uThe "Deny access to this computer from the network (SeDenyNetworkLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny access to this computer from the network (SeDenyNetworkLogonRight) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny access to this computer from the network (SeDenyNetworkLogonRight) CCE-1834-1`The "Deny log on as a batch job (SeDenyBatchLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny log on as a batch job (SeDenyBatchLogonRight) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny log on as a batch job (SeDenyBatchLogonRight) CCE-2296-2_The "Deny log on locally (SeDenyInteractiveLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny log on locally (SeDenyInteractiveLogonRight) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny log on locally (SeDenyInteractiveLogonRight) CCE-1944-8`The "Deny log on as a service (SeDenyServiceLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny log on as a service (SeDenyServiceLogonRight) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny log on as a service (SeDenyServiceLogonRight) CCE-2102-2wThe "Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Deny log on through Terminal Services (SeDenyRemoteInteractiveLogonRight) CCE-1481-1The "Enable computer and user accounts to be trusted for delegation (SeEnableDelegationPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Enable computer and user accounts to be trusted for delegation (SeEnableDelegationPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Enable computer and user accounts to be trusted for delegation (SeEnableDelegationPrivilege) CCE-1750-9mThe "Force shutdown from a remote system (SeRemoteShutdownPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Force shutdown from a remote system (SeRemoteShutdownPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Force shutdown from a remote system (SeRemoteShutdownPrivilege) CCE-2129-5YThe "Generate security audits (SeAuditPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Generate security audits (SeAuditPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Generate security audits (SeAuditPrivilege) CCE-1346-6WThe "Impersonate a client after authentication" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Impersonate a client after authentication Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Impersonate a client after authentication CCE-2306-9LThe "Increase a process working set" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Increase a process working set ~Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Increase a process working set CCE-2328-3lThe "Increase scheduling priority (SeIncreaseBasePriorityPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Increase scheduling priority (SeIncreaseBasePriorityPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Increase scheduling priority (SeIncreaseBasePriorityPrivilege) CCE-1455-5dThe "Load and unload device drivers (SeLoadDriverPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Load and unload device drivers (SeLoadDriverPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Load and unload device drivers (SeLoadDriverPrivilege) CCE-2332-5ZThe "Lock pages in memory (SeLockMemoryPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Lock pages in memory (SeLockMemoryPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Lock pages in memory (SeLockMemoryPrivilege) CCE-1975-2WThe "Log on as a batch job (SeBatchLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Log on as a batch job (SeBatchLogonRight) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Log on as a batch job (SeBatchLogonRight) CCE-2270-7WThe "Log on as a service (SeServiceLogonRight)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Log on as a service (SeServiceLogonRight) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Log on as a service (SeServiceLogonRight) CCE-1843-2dThe "Manage auditing and security log (SeSecurityPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Manage auditing and security log (SeSecurityPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Manage auditing and security log (SeSecurityPrivilege) CCE-2142-8DThe "Modify an object label" setting should be configured correctly.{(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Modify an object label vComputer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Modify an object label CCE-2257-4oThe "Modify firmware environment values (SeSystemEnvironmentPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Modify firmware environment values (SeSystemEnvironmentPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Modif< y firmware environment values (SeSystemEnvironmentPrivilege) CCE-1383-9hThe "Perform volume maintenance tasks (SeManageVolumePrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Perform volume maintenance tasks (SeManageVolumePrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Perform volume maintenance tasks (SeManageVolumePrivilege) CCE-2360-6fThe "Profile single process (SeProfileSingleProcessPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Profile single process (SeProfileSingleProcessPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Profile single process (SeProfileSingleProcessPrivilege) CCE-2113-9cThe "Profile system performance (SeSystemProfilePrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Profile system performance (SeSystemProfilePrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Profile system performance (SeSystemProfilePrivilege) CCE-2382-0fThe "Remove computer from docking station (SeUndockPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Remove computer from docking station (SeUndockPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Remove computer from docking station (SeUndockPrivilege) CCE-1527-1kThe "Replace a process level token (SeAssignPrimaryTokenPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Replace a process level token (SeAssignPrimaryTokenPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Replace a process level token (SeAssignPrimaryTokenPrivilege) CCE-2294-7`The "Restore files and directories (SeRestorePrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Restore files and directories (SeRestorePrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Restore files and directories (SeRestorePrivilege) CCE-2078-4XThe "Shut down the system (SeShutdownPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Shut down the system (SeShutdownPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Shut down the system (SeShutdownPrivilege) CCE-2137-8PThe "Synchronize directory service data" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Synchronize directory service data Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Synchronize directory service data CCE-2506-4qThe "Take ownership of files or other objects (SeTakeOwnershipPrivilege)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Take ownership of files or other objects (SeTakeOwnershipPrivilege) Computer Configuration/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Take ownership of files or other objects (SeTakeOwnershipPrivilege) CCE-2337-4TThe "Accounts: Administrator account status" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Administrator account status Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Administrator account status CCE-2342-4LThe "Accounts: Guest account status" setting should be configured correctly.|(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Guest account statusxComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Guest account status CCE-2364-8xThe "Accounts: Limit local account use of blank passwords to console logon only" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Limit local account use of blank passwords to console logon only (2) MACHINE\System\CurrentControlSet\Control\Lsa\LimitBlankPasswordUseComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Limit local account use of blank passwords to console logon only CCE-2227-7TThe "Accounts: Rename administrator account" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Rename administrator accountComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Rename administrator account CCE-2372-1LThe "Accounts: Rename guest account" setting should be configured correctly.}(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Rename guest account xComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Accounts: Rename guest account CCE-1751-7^The "Audit: Audit the access of global system objects" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Audit: Audit the access of global system objects (2) MACHINE\System\CurrentControlSet\Control\Lsa\AuditBaseObjectsComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Audit: Audit the access of global system objects CCE-1773-1bThe "Audit: Audit the use of Backup and Restore privilege" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Audit: Audit the use of Backup and Restore privilege (2) MACHINE\System\CurrentControlSet\Control\Lsa\FullPrivilegeAuditingComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Audit: Audit the use of Backup and Restore privilege CCE-2276-4The "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings (2) MACHINE\System\CurrentControlSet\Control\Lsa\SCENoApplyLegacyAuditPolicyComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings CCE-2315-0rThe "Audit: Shut down system immediately if unable to log security audits" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Audit: Shut down system immediately if unable to log security audits (2) MACHINE\System\CurrentControlSet\Control\Lsa\CrashOnAuditFailComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Audit: Shut down system immediately if unable to log security audits CCE-2196-4The "DCOM: Machine access restrictions in Security Descriptor Definition Language (SDDL) syntax" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security< Options/DCOM: Machine access restrictions in Security Descriptor Definition Language (SDDL) syntax Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/DCOM: Machine access restrictions in Security Descriptor Definition Language (SDDL) syntax CCE-2201-2The "DCOM: Machine launch restrictions in Security Descriptor Definition Language (SDDL) syntax" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/DCOM: Machine launch restrictions in Security Descriptor Definition Language (SDDL) syntax Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/DCOM: Machine launch restrictions in Security Descriptor Definition Language (SDDL) syntax CCE-2249-1\The "Devices: Allow undock without having to log on" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Allow undock without having to log on (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UndockWithoutLogonComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Allow undock without having to log on CCE-2377-0bThe "Devices: Allowed to format and eject removable media" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Allowed to format and eject removable media (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateDASDComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Allowed to format and eject removable media CCE-2152-7dThe "Devices: Prevent users from installing printer drivers" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Prevent users from installing printer drivers (2) MACHINE\System\CurrentControlSet\Control\Print\Providers\LanMan Print Services\Servers\AddPrinterDriversComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Prevent users from installing printer drivers CCE-1390-4lThe "Devices: Restrict CD-ROM access to locally logged-on user only" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Restrict CD-ROM access to locally logged-on user only (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateCDRomsComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Restrict CD-ROM access to locally logged-on user only CCE-2383-8lThe "Devices: Restrict floppy access to locally logged-on user only" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Restrict floppy access to locally logged-on user only (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AllocateFloppiesComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Devices: Restrict floppy access to locally logged-on user only CCE-2049-5iThe "Domain Controller: Allow server operators to schedule tasks" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain Controller: Allow server operators to schedule tasks Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain Controller: Allow server operators to schedule tasks CCE-2317-6aThe "Domain Controller: LDAP server signing requirements" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain Controller: LDAP server signing requirements Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain Controller: LDAP server signing requirements CCE-1934-9hThe "Domain Controller: Refuse machine account password changes" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain Controller: Refuse machine account password changes Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain Controller: Refuse machine account password changes CCE-2203-8sThe "Domain member: Digitally encrypt or sign secure channel data (always)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Digitally encrypt or sign secure channel data (always) (2) MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireSignOrSealComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Digitally encrypt or sign secure channel data (always) CCE-1868-9rThe "Domain member: Digitally encrypt secure channel data (when possible)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Digitally encrypt secure channel data (when possible) (2) MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SealSecureChannelComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Digitally encrypt secure channel data (when possible) CCE-2362-2oThe "Domain member: Digitally sign secure channel data (when possible)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Digitally sign secure channel data (when possible) (2) MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\SignSecureChannelComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Digitally sign secure channel data (when possible) CCE-2256-6eThe "Domain member: Disable machine account password changes" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Disable machine account password changes (2) MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\DisablePasswordChangeComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Disable machine account password changes CCE-2278-0aThe "Domain member: Maximum machine account password age" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Maximum machine account password age (2) MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\MaximumPasswordAgeComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Maximum machine account password age CCE-1802-8oThe "Domain member: Require strong (Windows 2000 or later) session key" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Require strong (Windows 2000 or later) session key (2) MACHINE\System\CurrentControlSet\Services\Netlogon\Parameters\RequireStrongKeyComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Domain member: Require strong (Windows 2000 or later) session key CCE-2199-8^The "Interactive logon: Do not display last user name" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Do not display last user name (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DontDisplayLastUserNameComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: D< o not display last user name CCE-2331-7\The "Interactive logon: Do not require CTRL+ALT+DEL" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Do not require CTRL+ALT+DEL (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableCADComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Do not require CTRL+ALT+DEL CCE-2225-1lThe "Interactive logon: Message text for users attempting to log on" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Message text for users attempting to log on (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeTextComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Message text for users attempting to log on CCE-2037-0mThe "Interactive logon: Message title for users attempting to log on" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Message title for users attempting to log on (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\LegalNoticeCaptionComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Message title for users attempting to log on CCE-2297-0The "Interactive logon: Number of previous logons to cache (in case domain controller is not available)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Number of previous logons to cache (in case domain controller is not available) (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Number of previous logons to cache (in case domain controller is not available) CCE-2324-2qThe "Interactive logon: Prompt user to change password before expiration" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Prompt user to change password before expiration (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\PasswordExpiryWarningComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Prompt user to change password before expiration CCE-2346-5The "Interactive logon: Require Domain Controller authentication to unlock workstation" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Require Domain Controller authentication to unlock workstation (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ForceUnlockLogonComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Require Domain Controller authentication to unlock workstation CCE-2223-6SThe "Interactive logon: Require smart card" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Require smart cardComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Require smart card CCE-1448-0\The "Interactive logon: Smart card removal behavior" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Smart card removal behavior (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScRemoveOptionComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Interactive logon: Smart card removal behavior CCE-2356-4nThe "Microsoft network client: Digitally sign communications (always)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network client: Digitally sign communications (always) (2) MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\RequireSecuritySignatureComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network client: Digitally sign communications (always) CCE-2378-8xThe "Microsoft network client: Digitally sign communications (if server agrees)" setting should be configured correctly. (1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network client: Digitally sign communications (if server agrees) (2) MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnableSecuritySignatureComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network client: Digitally sign communications (if server agrees) CCE-2272-3|The "Microsoft network client: Send unencrypted password to third-party SMB servers" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network client: Send unencrypted password to third-party SMB servers (2) MACHINE\System\CurrentControlSet\Services\LanmanWorkstation\Parameters\EnablePlainTextPasswordComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network client: Send unencrypted password to third-party SMB servers CCE-2236-8~The "Microsoft network server: Amount of idle time required before suspending session" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network server: Amount of idle time required before suspending session (2) MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\AutoDisconnectComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network server: Amount of idle time required before suspending session CCE-2381-2nThe "Microsoft network server: Digitally sign communications (always)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network server: Digitally sign communications (always) (2) MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\RequireSecuritySignatureComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network server: Digitally sign communications (always) CCE-2263-2xThe "Microsoft network server: Digitally sign communications (if client agrees)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network server: Digitally sign communications (if client agrees) (2) MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableSecuritySignatureComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network server: Digitally sign communications (if client agrees) CCE-2029-7rThe "Microsoft network server: Disconnect clients when logon hours expire" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network server: Disconnect clients when logon hours expire (2) MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\EnableForcedLogOffComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Microsoft network server: Disconnect clients when logon hours expire CCE-2307-7lThe "MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended)" setting should be configured correctly.< (1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\AutoAdminLogonComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (AutoAdminLogon) Enable Automatic Logon (not recommended) CCE-1826-7The "MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing) (2) MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\DisableIPSourceRoutingComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (DisableIPSourceRouting) IP source routing protection level (protects against packet spoofing) CCE-1967-9The "MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS) (2) MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableDeadGWDetectComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (EnableDeadGWDetect) Allow automatic detection of dead network gateways (could lead to DoS) CCE-1470-4~The "MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes (2) MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirectComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (EnableICMPRedirect) Allow ICMP redirects to override OSPF generated routes CCE-2241-8The "MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments) (2) MACHINE\System\CurrentControlSet\Services\Lanmanserver\Parameters\HiddenComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (Hidden) Hide Computer From the Browse List (not recommended except for highly secure environments) CCE-2399-4xThe "MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds (2) MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\KeepAliveTimeComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (KeepAliveTime) How often keep-alive packets are sent in milliseconds CCE-2404-2The "MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic." setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic. (2) MACHINE\System\CurrentControlSet\Services\IPSEC\NoDefaultExemptComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (NoDefaultExempt) Configure IPSec exemptions for various types of network traffic. CCE-2298-8tThe "MSS: (NoDriveTypeAutoRun) Disable Autorun for all drives (recommended)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (NoDriveTypeAutoRun) Disable Autorun for all drives (recommended) (2) MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRunComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (NoDriveTypeAutoRun) Disable Autorun for all drives (recommended) CCE-2320-0The "MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers" setting should be configured correctly.%(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers (2) MACHINE\System\CurrentControlSet\Services\Netbt\Parameters\NoNameReleaseOnDemandComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (NoNameReleaseOnDemand) Allow the computer to ignore NetBIOS name release requests except from WINS servers CCE-2156-8aThe automatic generation of 8.3 file names for NTFS should be enabled or disabled as appropriate."(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended) (2) MACHINE\System\CurrentControlSet\Control\FileSystem\NtfsDisable8dot3NameCreationComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (NtfsDisable8dot3NameCreation) Enable the computer to stop generating 8.3 style filenames (recommended) CCE-1800-2The "MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS)" setting should be configured correctly.$(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS) (2) MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\PerformRouterDiscoveryComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (PerformRouterDiscovery) Allow IRDP to detect and configure Default Gateway addresses (could lead to DoS) CCE-2447-1pThe "MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended) (2) MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SafeDllSearchModeComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended) CCE-2183-2The "MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended)" setting should be configured correctly.(1) number of seconds.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended) (2) MACHINE\SYSTEM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\ScreenSaverGracePeriodComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (ScreenSaverGracePeriod) The time in seconds before the screen saver grace period expires (0 recommended) CCE-1460-5xThe "MSS: (SynAttackProtect) Syn attack protection level (protects against DoS)" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (SynAttackProtect) Syn attack protection level (protects against DoS) (2) MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\SynAttackProtectComputer Configuration/Windows Settings/Security Settings/Local Polici< es/Security Options/MSS: (SynAttackProtect) Syn attack protection level (protects against DoS) CCE-2384-6The "MSS: (TCPMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged" setting should be configured correctly.5(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (TCPMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged (2) MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxConnectResponseRetransmissionsComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (TCPMaxConnectResponseRetransmissions) SYN-ACK retransmissions when a connection request is not acknowledged CCE-2424-0The "MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting should be configured correctly.+(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default) (2) MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\TcpMaxDataRetransmissionsComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (TCPMaxDataRetransmissions) How many times unacknowledged data is retransmitted (3 recommended, 5 is default) CCE-2442-2The "MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning (2) MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Security\WarningLevelComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/MSS: (WarningLevel) Percentage threshold for the security event log at which the system will generate a warning CCE-2318-4bThe "Network access: Allow anonymous SID/Name translation" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Allow anonymous SID/Name translation Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Allow anonymous SID/Name translation CCE-1962-0pThe "Network access: Do not allow anonymous enumeration of SAM accounts" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Do not allow anonymous enumeration of SAM accounts (2) MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousSAMComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Do not allow anonymous enumeration of SAM accounts CCE-2340-8{The "Network access: Do not allow anonymous enumeration of SAM accounts and shares" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Do not allow anonymous enumeration of SAM accounts and shares (2) MACHINE\System\CurrentControlSet\Control\Lsa\RestrictAnonymousComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Do not allow anonymous enumeration of SAM accounts and shares CCE-2111-3The "Network access: Do not allow storage of credentials or .NET Passports for network authentication" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Do not allow storage of credentials or .NET Passports for network authentication (2) MACHINE\System\CurrentControlSet\Control\Lsa\DisableDomainCredsComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Do not allow storage of credentials or .NET Passports for network authentication CCE-1824-2oThe "Network access: Let Everyone permissions apply to anonymous users" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Let Everyone permissions apply to anonymous users (2) MACHINE\System\CurrentControlSet\Control\Lsa\EveryoneIncludesAnonymousComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Let Everyone permissions apply to anonymous users CCE-2089-1jThe "Network access: Named Pipes that can be accessed anonymously" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Named Pipes that can be accessed anonymously (2) MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionPipesComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Named Pipes that can be accessed anonymously CCE-1521-4`The "Network access: Remotely accessible registry paths" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Remotely accessible registry paths (2) MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPaths\MachineComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Remotely accessible registry paths CCE-2357-2nThe "Network access: Remotely accessible registry paths and sub paths" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Remotely accessible registry paths and sub paths (2) MACHINE\System\CurrentControlSet\Control\SecurePipeServers\Winreg\AllowedPaths\MachineComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Remotely accessible registry paths and sub paths CCE-2361-4qThe "Network access: Restrict anonymous access to Named Pipes and Shares" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Restrict anonymous access to Named Pipes and Shares (2) MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionSharesComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Restrict anonymous access to Named Pipes and Shares CCE-2507-2eThe "Network access: Shares that can be accessed anonymously" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Shares that can be accessed anonymously (2) MACHINE\System\CurrentControlSet\Services\LanManServer\Parameters\NullSessionShares Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Shares that can be accessed anonymously CCE-2406-7kThe "Network access: Sharing and security model for local accounts" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Sharing and security model for local accounts (2) MACHINE\System\CurrentControlSet\Control\Lsa\ForceGuestComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network access: Sharing and security model for local accounts CCE-2304-4{The "Network security: Do not store LAN Manager hash value on next password change" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: Do not store LAN Manager hash value on next password change (2) MACHINE\System\CurrentControlSet\Control\Lsa\No< LMHashComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: Do not store LAN Manager hash value on next password change CCE-2432-3dThe "Network security: Force logoff when logon hours expire" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: Force logoff when logon hours expire Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: Force logoff when logon hours expire CCE-2454-7`The "Network security: LAN Manager authentication level" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: LAN Manager authentication level (2) MACHINE\System\CurrentControlSet\Control\Lsa\LmCompatibilityLevelComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: LAN Manager authentication level CCE-2327-5`The "Network security: LDAP client signing requirements" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: LDAP client signing requirements (2) MACHINE\System\CurrentControlSet\Services\LDAP\LDAPClientIntegrityComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: LDAP client signing requirements CCE-1767-3The "Network security: Minimum session security for NTLM SSP based (including secure RPC) clients" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: Minimum session security for NTLM SSP based (including secure RPC) clients (2) MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinClientSecComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: Minimum session security for NTLM SSP based (including secure RPC) clients CCE-2410-9The "Network security: Minimum session security for NTLM SSP based (including secure RPC) servers" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: Minimum session security for NTLM SSP based (including secure RPC) servers (2) MACHINE\System\CurrentControlSet\Control\Lsa\MSV1_0\NTLMMinServerSecComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Network security: Minimum session security for NTLM SSP based (including secure RPC) servers CCE-2309-3dThe "Recovery console: Allow automatic administrative logon" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Recovery console: Allow automatic administrative logon (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SecurityLevelComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Recovery console: Allow automatic administrative logon CCE-1553-7zThe "Recovery console: Allow floppy copy and access to all drives and all folders" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Recovery console: Allow floppy copy and access to all drives and all folders (2) MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Setup\RecoveryConsole\SetCommandComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Recovery console: Allow floppy copy and access to all drives and all folders CCE-2403-4mThe "Shutdown: Allow system to be shut down without having to log on" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Shutdown: Allow system to be shut down without having to log on (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ShutdownWithoutLogonComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Shutdown: Allow system to be shut down without having to log on CCE-2416-6UThe "Shutdown: Clear virtual memory pagefile" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Shutdown: Clear virtual memory pagefile (2) MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management\ClearPageFileAtShutdownComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/Shutdown: Clear virtual memory pagefile CCE-2319-2The "System cryptography: Force strong key protection for user keys stored on the computer" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System cryptography: Force strong key protection for user keys stored on the computer Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System cryptography: Force strong key protection for user keys stored on the computer CCE-2261-6The "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing (2) MACHINE\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicyComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing CCE-2429-9sThe "System objects: Require case insensitivity for non-Windows subsystems" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System objects: Require case insensitivity for non-Windows subsystems (2) MACHINE\System\CurrentControlSet\Control\Session Manager\Kernel\ObCaseInsensitiveComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System objects: Require case insensitivity for non-Windows subsystems CCE-2451-3The "System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)" setting should be configured correctly. (1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) (2) MACHINE\System\CurrentControlSet\Control\Session Manager\ProtectionModeComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links) CCE-1598-2 DEPRECATED. CCE-2421-6The "System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/System settings: Use Certificate Rules on Windows Executables for Software Restriction Policies CCE-2302-8~The "User Account Control: Admin Approval Mode for the Built-in Administrator account" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Admin Approval Mode for the Built-in Administrator account (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\FilterAdministratorTokenComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Admin Approval Mode for the Built-in Admin< istrator account CCE-2434-9The "User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop" setting should be configured correctly.$(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop (2) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableUIADesktopToggleComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop CCE-2474-5The "User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode" setting should be configured correctly.!(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorAdminComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode CCE-2355-6wThe "User Account Control: Behavior of the elevation prompt for standard users" setting should be configured correctly. (1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Behavior of the elevation prompt for standard users (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ConsentPromptBehaviorUserComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Behavior of the elevation prompt for standard users CCE-2487-7}The "User Account Control: Detect application installations and prompt for elevation" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Detect application installations and prompt for elevation (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableInstallerDetectionComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Detect application installations and prompt for elevation CCE-2509-8zThe "User Account Control: Only elevate executables that are signed and validated" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Only elevate executables that are signed and validated (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\ValidateAdminCodeSignaturesComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Only elevate executables that are signed and validated CCE-2473-7The "User Account Control: Only elevate UIAccess applications that are installed in secure locations" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Only elevate UIAccess applications that are installed in secure locations (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableSecureUIAPathsComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Only elevate UIAccess applications that are installed in secure locations CCE-2478-6qThe "User Account Control: Run all administrators in Admin Approval Mode" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Run all administrators in Admin Approval Mode (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUAComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Run all administrators in Admin Approval Mode CCE-2500-7}The "User Account Control: Switch to the secure desktop when prompting for elevation" setting should be configured correctly. (1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Switch to the secure desktop when prompting for elevation (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\PromptOnSecureDesktopComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Switch to the secure desktop when prompting for elevation CCE-2266-5The "User Account Control: Virtualize file and registry write failures to per-user locations" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Virtualize file and registry write failures to per-user locations (2) MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\EnableVirtualizationComputer Configuration/Windows Settings/Security Settings/Local Policies/Security Options/User Account Control: Virtualize file and registry write failures to per-user locations CCE-2539-5@The application log maximum size should be configured correctly.(1) size of filerComputer Configuration\Administrative Templates\Windows Components\Event Log Service\Application\Maximum Log Size CCE-2244-2=The security log maximum size should be configured correctly.oComputer Configuration\Administrative Templates\Windows Components\Event Log Service\Security\Maximum Log Size CCE-2262-4;The system log maximum size should be configured correctly.mComputer Configuration\Administrative Templates\Windows Components\Event Log Service\System\Maximum Log Size CCE-1622-0gThe "Prevent local guests group from accessing application log" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Event Log//Prevent local guests group from accessing application log (2) Event Log security settings are not registry keys.~Computer Configuration/Windows Settings/Security Settings/Event Log//Prevent local guests group from accessing application log CCE-2189-9bThe "Prevent local guests group from accessing system log" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Event Log//Prevent local guests group from accessing system log (2) Event Log security settings are not registry keys.yComputer Configuration/Windows Settings/Security Settings/Event Log//Prevent local guests group from accessing system log CCE-2149-3dThe "Prevent local guests group from accessing security log" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Event Log//Prevent local guests group from accessing security log (2) Event Log security settings are not registry keys.{Computer Configuration/Windows Settings/Security Settings/Event Log//Prevent local guests group from accessing security log CCE-2541-1WThe "Retain old events" setting should be configured correctly for the application log.%(1) Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Application\Retain old events (2) HKCU\Software\Policies\Microsoft\Windows\EventLog\Application\Retention (3) Computer Configuration/Windows Settings/Security Settings/Event Log//Retain application log[Computer Configuration/Windows Settings/Security Settings/Event Log//Retain application log CCE-2435-6TThe "Retain old events" setting should be configured correctly for the security log.(1) Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Security\Retain old events (2) HKCU\Software\Policies\Microsoft\Windows\EventLog\Security\Retention (3) Computer Configuration/Windows Settings/Security Settings/Event Log//Retain security logXComputer Configuration/Windows Settings/Security Sett< ings/Event Log//Retain security log CCE-2581-7RThe "Retain old events" setting should be configured correctly for the system log.(1) Computer Configuration\Administrative Templates\Windows Components\Event Log Service\System\Retain old events (2) HKCU\Software\Policies\Microsoft\Windows\EventLog\System\Retention (3) Computer Configuration/Windows Settings/Security Settings/Event Log//Retain system logVComputer Configuration/Windows Settings/Security Settings/Event Log//Retain system log CCE-1819-2RThe "Retention method for application log" setting should be configured correctly.n(1) Computer Configuration/Windows Settings/Security Settings/Event Log//Retention method for application log iComputer Configuration/Windows Settings/Security Settings/Event Log//Retention method for application log CCE-1836-6OThe "Retention method for security log" setting should be configured correctly.k(1) Computer Configuration/Windows Settings/Security Settings/Event Log//Retention method for security log fComputer Configuration/Windows Settings/Security Settings/Event Log//Retention method for security log CCE-2607-0MThe "Retention method for system log" setting should be configured correctly.i(1) Computer Configuration/Windows Settings/Security Settings/Event Log//Retention method for system log dComputer Configuration/Windows Settings/Security Settings/Event Log//Retention method for system log CCE-2237-6FThe "Enforce password history" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Account Policies/Password Policy (Settings included in Domain Policies)GPO Settings: Computer Configuration/Windows Settings/Security Settings/Account Policies/Password Policy (Settings included in Domain Policies) CCE-2200-4BThe "Maximum password age" setting should be configured correctly. CCE-1861-4BThe "Minimum password age" setting should be configured correctly. CCE-2240-0EThe "Minimum password length" setting should be configured correctly. CCE-2126-1XThe "Password must meet complexity requirements" setting should be configured correctly. CCE-2289-7YThe "Store passwords using reversible encryption" setting should be configured correctly. CCE-1317-7FThe "Account lockout duration" setting should be configured correctly.(1) Computer Configuration/Windows Settings/Security Settings/Account Policies/Account Lockout Policy (Settings included in Domain Policies)GPO Settings: Computer Configuration/Windows Settings/Security Settings/Account Policies/Account Lockout Policy (Settings included in Domain Policies) CCE-1872-1GThe "Account lockout threshold" setting should be configured correctly. CCE-2311-9QThe "Reset account lockout counter after" setting should be configured correctly. CCE-5229-0The "MSS: (DisableIPSourceRouting) IPv6 source routing protection level (protects against packet spoofing)" setting should be configured correctly.(1) 0 = No additional protection, source routed packets are allowed | 1 = Medium, source routed packets ignored when IP forwarding is enabled | 2 = Highest protection, source routing is completely disabled(1) Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\MSS: (DisableIPSourceRouting) IPv6 source routing protection level (protects against packet spoofing) (2) HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters\DisableIPSourceRoutingComputer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\MSS: (DisableIPSourceRouting) IPv6 source routing protection level (protects against packet spoofing) CCE-5263-9The "MSS: (TCPMaxDataRetransmissions) IPv6, how many times unacknowledged data is retransmitted (3 recommended, 5 is default)" setting should be configured correctly.(1) Numeric value0(1) Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\MSS: (TCPMaxDataRetransmissions) IPv6, how many times unacknowledged data is retransmitted (3 recommended, 5 is default) (2) HKLM\System\CurrentControlSet\Services\Tcpip6\Parameters\TcpMaxDataRetransmissionsComputer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\MSS: (TCPMaxDataRetransmissions) IPv6, how many times unacknowledged data is retransmitted (3 recommended, 5 is default) CCE-7636-4mThe "Always Prompt Client for Password upon Connection" policy should be set correctly for Terminal Services.(1) 0 = Enabled | 1 = Disabled(1) HKLM\ SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\fPromptForPassword (2) Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Terminal Server\Security\Always prompt for password upon connection CCE-8478-0WThe "Configure Automatic Updates" setting should be enabled or disabled as appropriate.(1) HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\AUOptions (2) Computer Configuration\Administrative Templates\Windows Components\Windows Update\Configure Automatic Updates CCE-7639-8?The default behavior for AutoRun should be properly configured.m(1) Enabled: Do not execute any autorun commands / Enabled: Automatically execute autorun commands / Disabled(1) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoAutoRun (2) Computer Configuration\Administrative Templates\Windows Components\Autoplay Policies\Default behavior for AutoRun CCE-8125-7MThe "Unsigned Driver Installation Behavior" policy should be set correctly. N(1) Silently succeed | Warn but allow installation | Do not allow installation(1) HKLM\Software\Microsoft\Driver Signing\Policy (2) Computer Configuration\Windows Settings\Local Policies\Security Options\Devices: Unsigned driver installation behavior CCE-8178-6ZThe "Disable remote Desktop Sharing" setting should be enabled or disabled as appropriate.(1) HKLM\Software\Policies\Microsoft\Conferencing\NoRDS, Computer Configuration\Administrative Templates\Windows Components\NetMeeting CCE-8504-3VThe startup type of the NetMeeting Remote Desktop Sharing service should be correct. (1) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mnmsrvc\Start (2) defined by the Services Administrative Tool (3) definied by Group Policy CCE-8596-9PThe "Do Not Allow Windows Messenger to be Run" policy should be set correctly. (1) HKLM\Software\Policies\Microsoft\Messenger\Client\PreventRun (2) Computer Configuration\Administrative Templates\Windows Components\Windows Messenger\Do not allow Windows Messenger to be run CCE-8594-4GThe "Enforce user logon restrictions" policy should be set correctly. ~(1) Computer Configuration\Windows Settings\Security Settings\Account Policies\Kerberos Policy\Enforce user logon restrictions CCE-8568-8iThe "Enumerate administrator accounts on elevation" setting should be enabled or disabled as appropriate.(1) HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\CredUI\EnumerateAdministrators (2) Computer Configuration\Administrative Templates\Windows Components\Credential User Interface\Enumerate administrator accounts on elevation CCE-8585-2NThe maximum lifetime for Kerberos service tickets should be set appropriately.(1) Number of minutes(1) Computer Configuration\Windows Settings\Security Settings\Account Policies\Kerberos Policy\Maximum lifetime for service ticket CCE-8409-5KThe maximum lifetime for Kerberos user tickets should be set appropriately.(1) Number of hours(1) Computer Configuration\Windows Settings\Security Settings\Account Policies\Kerberos Policy\Maximum lifetime for user ticket CCE-8000-2RThe maximum lifetime for Kerberos user ticket renewal should be set appropriately.(1) Number of days(1) Computer Configuration\Windows Settings\Security Settings\Account Policies\Kerberos Policy\Maximum lifetime for user ticket renewal CCE-8268-5bThe maximum tolerance for computer clock synchronization for Kerberos should be set appropriately.(1) Computer Configuration\Windows Settings\Security Settings\Account Policies\Kerberos Policy\Maximum tolerance for computer clock synchronization<$ CCE-8378-2SAutomatic Reboot After System Crash should be enabled or disabled as appropriate. (1) HKLM\SYSTEM\CurrentControlSet\Control\CrashControl\AutoReboot (2) Computer Configuration\Windows Settings\Local Policies\Security Options\MSS: (AutoReboot) Allow Windows to automatically restart after a system crash (recommended except for highly secure environments) CCE-7893-1DDisable saving of dial-up passwords should be properly configured. (1) HKLM\SYSTEM\CurrentControlSet\Services\RasMan\Parameters\DisableSavePassword (2) Computer Configuration\Windows Settings\Local Policies\Security Options\MSS: (DisableSavePassword) Prevent the dial-up passsword from being saved (recommended) CCE-8598-5cThe "No auto-restart for scheduled Automatic Updates installations" policy should be set correctly.(1) HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoRebootWithLoggedOnUsers (2) Computer Configuration\Administrative Templates\Windows Components\Windows Update\No auto-restart for scheduled Automatic Updates installations CCE-7643-0_The "Allow Unsolicited Remote Assistance" policy should be set correctly for Terminal Services.(1) HKLM\Software\policies\Microsoft\Windows NT\Terminal ServicesfAllowUnsolicited (2) Computer Configuration\Administrative Templates\System\Remote Assistance CCE-8492-1UThe "Registry policy processing" policy should be enabled or disabled as appropriate.(1) HKLM\Software\Policies\Microsoft\Windows\Group Policy\{35378EAC-683F-11D2-A89A-00C04FBBCFA2}\ NoBackgroundPolicy (2) Computer Configuration\Administrataive Templates\System\Group Policy\Registry policy processing CCE-7646-3pThe "Reschedule Automatic Updates scheduled installations" setting should be enabled or disabled as appropriate.(1) HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate\AU\RescheduleWaitTimeEnabled (2) Computer Configuration\Administrative Templates\Windows Components\Windows Update\Reschedule Automatic Updates scheduled installations CCE-7658-8OAuthentication requirements for RPC clients should be configured appropriately.9(1) Authenticated, Authenticated without exceptions, None(1) HKLM\Software\Policies\Microsoft\Windows NT\Rpc\RestrictRemoteClients (2) Computer Configuration\Administrative Templates\System\Remote Procedure Call\Restrictions for Unauthenticated RPC clients CCE-8572-0WRPC Endpoint Mapper Client Authentication should be enabled or disabled as appropriate.(1) HKLM\Software\Policies\Microsoft\Windows NT\Rpc\EnableAuthEpResolution (2) Computer Configuration\Administrative Templates\System\Remote Procedure Call\RPC Endpoint Mapper Client Authentication CCE-7667-9bThe "Set Client connection Encryption Level" policy should be set correctly for Terminal Services.Q(1) Enabled:Client Compatible | Enabled:High level | Enabled:Low level | Disabled(1) HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services\MinEncryptionLevel (2) Computer Configuration\Administrative Templates\Windows Components\Terminal Services\Terminal Server\Security\Set client connection encryption level CCE-8634-8LThe "Turn off Autoplay" policy should be enabled or disabled as appropriate.(1) HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoDriveTypeAutoRun (2) Computer Configuration\Administrative Templates\Windows Components\Autoplay Policies\Turn off Autoplay8 (1) disabled/manual/automatic/automatic (delayed start)*(1) Computer Configuration/Windows Settings/Security Settings/Event Log//Maximum application log size (2) Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Application\Maximum Log Size (3) HKLM\Software\Policies\Microsoft\Windows\EventLog\Application\MaxSize (1) Computer Configuration/Windows Settings/Security Settings/Event Log//Maximum security log size (2) Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Security\Maximum Log Size (3) HKLM\Software\Policies\Microsoft\Windows\EventLog\Security\MaxSize(1) Computer Configuration/Windows Settings/Security Settings/Event Log//Maximum system log size (2) Computer Configuration\Administrative Templates\Windows Components\Event Log Service\System\Maximum Log Size (3) HKLM\Software\Policies\Microsoft\Windows\EventLog\System\MaxSizeLast modified: 2012-02-16Version: 5.20120314  OX-6 2;  dmjsbkjsirqzuZcH8    O4H- _#%'+p U/3]6"9XO=@?CG4K PRVsfZ]}a?eDi lW psuw|(ɀ-~ p `_L!գ֨  _`~3Q 8xic~x E?3   sZ0vLU+"'p, g2I68<|@5 DFHr/K O,`TQWkZ]%_&ecg kw IoccB f2ɀ 86[ˮ9_[sO/  dMbP?_*+%&?'?(?)?Mb\\mbps1\1S153A-HPS odXXLetterPRIV0'''' \KhCN 7SMTJHP LaserJet 9050 PSESPRITSupportedTrueHPOrientationHPOrientationPortraitHPOrientRotate180FalsePostScriptCustomPageSizeFalseHPConsumerCustomPaperPSCustomHPSmartDuplexSinglePageJobTrueHPSmartDuplexOddPageJobTrueDuplexDuplexNoTumbleHPDuplicateJobNameOverrideSWFWPageSizeLETTERPageRegionLeadingEdgeInputSlot*UseFormTrayTableMediaTypeAutoHPNUseDiffFirstPageChoiceTrueHPPageExceptionsFileHPCPE5r1HPPageExceptionsInterfaceShowPageExceptionsHPPageExceptionsLowEndHPPageExceptionsLowEndVerHPPageExceptionsCoverInsertionHPMediaTypeDuplexConstraintsEXTRA_HEAVYHPDocUISUITruePSAlignmentFileHPCLS5r1PSServices_DeviceandSuppliesStatusTRUEHPSmartHub_OnlinediagnostictoolsTRUEHPSmartHub_SupportandtroubleshootingTRUEHPSmartHub_ProductmanualsTRUEHPSmartHub_CheckfordriverupdatesTRUEPSServicesOptionPrnStat_SID_242_BID_270_HID_15521HPSmartHubInet_SID_263_BID_276_HID_265JCLOptimizeForPLAINCollateFalseOutputBinAutoStapleLocationNoneAlternateLetterHeadFalseHPPaperSizeALMConstraintsENV_10TextAsBlackFalseHPEnableRAWSpoolingTrueHPDocPropResourceDataHPCabFileNameJCLEconomodeFalseJCLResolution600dpiJCLFastResTrueJCLHPPrintOnBothSidesManuallyFalseHPEdgeToEdgeTrueHPPJLEncodingUTF8HPJobAccountingHPJOBACCT_JOBACNTPrintQualityGroupPQGroup_1HPBornOnDateHPBODHPJobByJobOverrideJBJOHPColorModeMONOCHROME_MODEHPXMLFileUsedhpc9050s.xmlHPSendPJLUsageCmdCURIJRConstraintsJRCHDPartialJRHDInstalledJRHDOffJRHDNotInstalledJRHDOffHPJobAccWoPinTrueIUPHxMkA -ԛ\b%uE&45/1RI%H"~?~/9OM3م6/i<3LiMp*_E|!a嘴XKpOv1~u| %/ji#\De{9QR)MlFҒZ1T eb_JAT&PƦz;&7JUM얪*O?->H [f_`~> Cͬ]ΆzOq̘͝k̥xdKq6ڦFjrYlp M/#u`0":div \>Əl<Ӎ_]wgQEwkAAAA|B:"dXX??&U} L} <} ;} 2<} =} ->} 4$ ?} 5$ ?6 ``E     >>>9 : @ : A A B AC D F G ; GH > F G ; GH > F G ; GH > F G ; GH > F G ; GH > F G ; GH > F G ; G H > F G ; G H > F G ; G H >! F" G# ; G H >$ F% G& ; G H >' F( G) ; GH >* F+ G, ; GH >- F. G/ ; GH >0 F1 G2 ; GH >3 F4 G5 ; GH >6 F7 G8 ; GH >9 F: G; ; GH >< F= G> ; GH >? F@ GA ; GH >B FC GD ; GH >E FF GG ; GH >H FI GJ ; GH >K FL GM ; GH >N FO GP ; GH >Q FR GS ; GH >T FU GV ; G= >W FX GY ; GH >Z F[ G\ ; GH >]D lPPPPPPPPPPPPPPPPPPPPPPPPPPPPP !"#$I%I&'()*+,-./0123456789:;<=>? F^ G_ ; G H >` !Fa !Gb !; !G!H !>c "Fd "Ge "; "G"H ">f #Fg #Gh #; #G#H #>i $Fj $Gk $; $G$H $>l %Fm %Gn %; %G%H %>o &Fp &Gq &; &G&H &>r 'Fs 'Gt '; 'G'H '>u (Fv (Gw (; (G(H (>x )Fy )Gz ); )G)H )>{ *F| *G} *; *G*H *>~ +F +G +; +G+H +> ,F ,G ,; ,G,H ,> -F -G -; -G-H -> .F .G .; .G.H .> /F /G /; /G/H /> 0F 0G 0; 0G0H 0> 1F 1G 1; 1G1H 1> 2F 2G 2; 2G2H 2> 3F 3G 3; 3G3H 3> 4F 4G 4; 4G4H 4> 5F 5G 5; 5G5H 5> 6F 6G 6; 6G6H 6> 7F 7G 7; 7G7H 7> 8F 8G 8; 8G8H 8> 9F 9G 9; 9G9H 9> :F :G :; :G:H :> ;F ;G ;; ;G;H ;> <F <G <; <G<H <> =F =G =; =G=H => >F >G >; >G>H >> ?F ?G ?; ?G?H ?>!D lPPPPPPPPPPPPPPPPPPPPPPPPPPPPPPP@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_ @F @G @; @G@H @>$ AF AG A; AGAH A>' BF BG B; BGBH B>* CF CG C; CGCH C>- DF DG D; DGDH D>0 EF EG E; EGEH E>3 FF FG F; FGFH F>6 GF GG G; GGGH G>9 HF HG H; HGHH H>< IF IG I; IGIH I>? JF JG J; JGJH J>B KF KG K; KGKH K>E LF LG L; LGLH L>H MF MG M; MGMH M>K NF NG N; NGNH N>N OF OG O; OGOH O>Q PF PG P; PGPH P>T QF QG Q; QGQH Q>W RF RG R; RGRH R>Z SF SG S; SGSH S>] TF TG T; TGTH T>` UF UG U; UG U>c VF VG V; VGVH V>f WF WG W; WGWH W>i XF XG X; XG X>l YF YG Y; YG Y>o ZF ZG Z; ZG Z>r [F [G [; [G [>u \F \G \; \G \>x ]F ]G ]; ]G ]>{ ^F ^G ^; ^G ^>~ _F _G _; _G _>D& lPPPPPPPPPPPPPPPPPPPPPFPPFFFFFFF`abcdefghijklmnopqrstuvwxyz{|}~ `F `G `; `G `> aF aG a; aG a> bF bG b; bG b> cF cG c; cG c> dF dG d; dG d> eF eG e; eG e> fF fG f; fG f> gF gG g; gG g> hF hG h; hG h> iF iG  i; iG i> jF  jG  j; jG j> kJ  kG  k; kG k> lJ lG l; lG l> mJ mG m; mG m> nJ nG n; nG n> oJ oG o; oG o> pJ  pG! p; pG" p># qJ$ qG% q; qG& q>' rJ( rG) r; rG* r>+ sJ, sG- s; sG. s>/ tJ0 tG1 t; tG t> uJ2 uG3 u; uG u> vJ4 vG5 v; vG v> wJ6 wG7 w; wG w> xJ8 xG9 x; xG x> yJ: yG; y; yG" y># zJ< zG= z; zG& z>' {J> {G? {; {G@ {>+ |JA |GB |; |G. |>/ }JC }GD }GE }>F ~JG ~GH ~GI ~>J JK GL GM >ND lFFFFFFFFFFFFFFFFFFFFFFFFFFFFF88 JO GP GQ >R JS GT GU >V JW GX GY >Z J[ G\ G] >^ J_ G` Ga >b Jc Gd Ge >f Jg Gh Gi >j Jk Gl Gm >n Jo Gp Gq >r Js Gt Gu >v Jw Gx Gy >z J{ G| G} >~ J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G G >D l8888888888888888888888888888888 J G G > J G G > J G G > J G G > J G G > J G G > J G G > J G ; G > J G G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G  >  J  G  ; G  > J G ; G > J G ; G > J G ; G > J G ; G > J G  ; G! >" J# G$ ; G% >& J' G( ; G) >* J+ G, ; G- >. J/ G0 ; G1 >2 J3 G4 ; G5 >6 J7 G8 G9 >: J; G< ; G= >> J? G@ ; GA >B JC GD ; GE >F JG GH ; GI >J JK GL GM >ND l8888888F8FFFFFFFFFFFFFFFFF8FFFF JO GP GQ >R JS GT ; GU >V JW GX ; GY >Z J[ G\ ; G] >^ J_ G` Ga >b Jc Gd Ge >f Jg Gh Gi >j Jk Gl ; Gm >n Jo Gp ; Gq >r Js Gt ; Gu >v Jw Gx Gy >z J{ G| ; G} >~ J G ; G > J G ; G > J G G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G G >D l8FFF888FFF8FFF8FFFFFFFF8FFFFFFF J G ; G > J G G > J G G > J G ; G > J G ; G > J G ; G > J G ; G > J G ; G > J G G > J G G > J G G > J G ; G > J G G > J G G > J G  ; G  >  J  G  ; G > J G G > J G G > J G ; G > J G ; G > J  G! ; G" ># J$ G% ; G& >' J( G) ; G* >+ J, G- ; G. >/ J0 G1 ; G2 >3 J4 G5 ; G6 >7 J8 G9 ; G: >; J< G= ; G> >? J@ JAG JB GC ; GD >E JF GG GH >I JJ GK ; GL >MD lF88FFFFF888F88FF88FFFFFFFFFF&F8       JN GO GP >Q JR GS GT >U JV GW ; GX >Y JZ G[ ; G\ >] J^ G_ ; G` >a Jb Gc ; Gd >e Jf Gg ; Gh >i Jj Gk ; Gl >m Jn Go ;p G  >q Jr Gs ;p G  >t Ju Gv ;p G  >w Jx Gy ; Gz >{ J| G} ; G~ > J G ; G > J K ; G > J K ; G > J K ; G > J G G > J G G > J G G > J G ; G > J G G > J G G > J G G > J G ; G > J G ; G > J G G > J G G > J G G > L G < G > L G < G > L G G GD l88FFFFFFFFFFFFFFF888F888FF888FF !"#$%&'()*+,-./012345 L G G G !L !G !G !G "L "G "G "G #L #G #G #G $L $G $G  $G %L %G %G %G &L &G &G &G 'L 'G 'G 'G (L (G (G (G )L )G )G )G *L *G *G *G +L +G +G +G ,L ,G ,G ,G -L -G -G -G .L .G .G .G /L /G /G /G 0L 0G 0G 0G 1L 1G 1G 1G 2L 2G 2G 2G 3L 3G 3G 3G 4L 4G 4G 4G 5L 5G 5G 5G0888888888888888888888>@d>:A ggD Oh+'0@H\x  Sain, JoeMatthew N. WojcikMicrosoft Excel@w@}a՜.+,0 PXx  The MITRE Corporation win2k8  Worksheets  !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~      !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~    Root Entry F@&('pWorkbookSummaryInformation(DocumentSummaryInformation8