Articles in this section

• WN12-00-000001 - Server systems must be located in a controlled access area, accessible only to authorized personnel.
• WN12-00-000004 - Users with administrative privilege must be documented.
• WN12-00-000005 - Users with Administrative privileges must have separate accounts for administrative duties and normal operational tasks.
• WN12-00-000006 - Policy must require that system administrators (SAs) be trained for the operating systems used by systems under their control.
• WN12-00-000007 - Windows 2012/2012 R2 password for the built-in Administrator account must be changed at least annually or when a member of the administrative team leaves the organization.
• WN12-00-000008 - Administrative accounts must not be used with applications that access the Internet, such as web browsers, or with potential Internet sources, such as email.
• WN12-00-000009-01 - Members of the Backup Operators group must be documented.
• WN12-00-000009-02 - Members of the Backup Operators group must have separate accounts for backup duties and normal operational tasks.
• WN12-00-000010 - Policy must require application account passwords be at least 15 characters in length.
• WN12-00-000011 - Windows 2012/2012 R2 manually managed application account passwords must be changed at least annually or when a system administrator with knowledge of the password leaves the organization.