Not Defined Critical(EC) policies


  • JFK,

    We included those settings in the critical category because they are very important and most organizations should consider implementing them. We didn't prescribe specific values for them for various reasons. For example, under the member server baseline, some of the critical settings are only relevant to domain controllers. There are other settings that require information specific to the organization like the setting "Interactive Logon: Message text for users attempting to log on." There are other settings for which that we are reluctant to prescribe specific values because we don't want to cause interoperability issues or a large volume of extra work that the IT team isn't prepare for. The series of settings with the "Network Security: Restrict NTLM..." prefix are what I'm talking about. What I'm trying to say is that you need to examine each of these settings and determine whether or not each is something that your organization should implement.



    Kurt Dillard

    • เสนอเป็นคำตอบโดย Kurt DillardModerator 28 กุมภาพันธ์ 2555 15:17
    • ทำเครื่องหมายเป็นคำตอบโดย J F K 28 กุมภาพันธ์ 2555 15:21
    28 กุมภาพันธ์ 2555 15:17