Nessus Report

Nessus Scan Report

03/Dec/2013:03:06:01

Compliance Executive

Compliance Tests

PASSED PCI 1.4.a Verify that mobile and/or employee-owned computers have a personal firewall installed (standard profile registry check)
PASSED PCI 1.4.a Verify that mobile and/or employee-owned computers have a personal firewall installed (domain profile registry check)
PASSED PCI 1.4.a Verify that mobile and/or employee-owned computers have a personal firewall installed (root\SecurityCenter2)
PASSED PCI 1.4.a Verify that mobile and/or employee-owned computers have a personal firewall installed (root\SecurityCenter)
PASSED PCI 2.2.2/2.3.b Enable only necessary services - TlntSvr
FAILED PCI 2.2.2 Enable only necessary services - RasMan
FAILED PCI 2.2.2 Enable only necessary services - Browser
PASSED PCI 2.2.2 Enable only necessary services - AppMgr
PASSED PCI 2.2.2 Enable only necessary services - helpsvc
PASSED PCI 2.2.2 Enable only necessary services - RemoteAccess
PASSED PCI 2.2.2 Enable only necessary services - Remote_Storage_User_Link
PASSED PCI 2.2.2 Enable only necessary services - mnmsrvc
FAILED PCI 2.2.2 Enable only necessary services - Netman
PASSED PCI 2.2.2 Enable only necessary services - NntpSvc
PASSED PCI 2.2.2 Enable only necessary services - srvcsurg
PASSED PCI 2.2.2 Enable only necessary services - Messenger
FAILED PCI 2.2.2 Enable only necessary services - VSS
PASSED PCI 2.2.2 Enable only necessary services - Remote_Storage_Server
PASSED PCI 2.2.2 Enable only necessary services - Pop3Svc
PASSED PCI 2.2.2 Enable only necessary services - ClipSrv
PASSED PCI 2.2.2 Enable only necessary services - Appmon
FAILED PCI 2.2.2 Enable only necessary services - SNMPTRAP
FAILED PCI 2.2.2 Enable only necessary services - Spooler
PASSED PCI 2.2.2 Enable only necessary services - WMServer
PASSED PCI 2.2.2 Enable only necessary services - SMTPSVC
PASSED PCI 2.2.2 Enable only necessary services - LicenseService
FAILED PCI 2.2.2 Enable only necessary services - TapiSrv
PASSED PCI 2.2.2 Enable only necessary services - NWCWorkstation
PASSED PCI 2.2.2 Enable only necessary services - BINLSVC
FAILED PCI 2.2.2 Enable only necessary services - RemoteRegistry
PASSED PCI 2.2.2 Enable only necessary services - TemService
PASSED PCI 2.2.2 Enable only necessary services - Alerter
PASSED PCI 2.2.2 Enable only necessary services - Ntfrs
FAILED PCI 2.2.2 Enable only necessary services - FAX
PASSED PCI 2.2.2 Enable only necessary services - SNMP
FAILED PCI 2.2.2 Enable only necessary services - upnphost
PASSED PCI 2.2.2 Enable only necessary services - CiSvc
FAILED PCI 2.2.2 Enable only necessary services - Schedule
PASSED PCI 2.2.2 Enable only necessary services - MacPrint
FAILED PCI 2.2.2 Enable only necessary services - RpcLocator
PASSED PCI 2.2.2 Enable only necessary services - WZCSVC
PASSED PCI 2.2.2 Enable only necessary services - MacFile
PASSED PCI 2.2.2 Enable only necessary services - W3SVC
PASSED PCI 2.2.2 Enable only necessary services - SharedAccess
PASSED PCI 2.2.2 Enable only necessary services - MSFtpsvc
PASSED PCI 2.2.2 Enable only necessary services - HTTPFilter
PASSED PCI 2.2.2 Enable only necessary services - TFTPD
FAILED PCI 2.2.2 Enable only necessary services - RasAuto
PASSED PCI 2.2.2 Enable only necessary services - IISADMIN
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c/8.4 Verify common security parameter settings - Do not store LAN Manager password hash value on next password change
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.1 Verify common security parameter settings - Audit Account Logon Events
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.9 Verify common security parameter settings - Maximum Password Age
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.10 Verify common security parameter settings - Minimum Password Length
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.11 Verify common security parameter settings - Password Must Meet Complexity Requirements
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.12 Verify common security parameter settings - Enforce Password History
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.13 Verify common security parameter settings - Reset Account Lockout Counter After
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c/8.5.13 Verify common security parameter settings - Account Lockout Threshold
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c/10.1/10.2.1/10.2.3 Verify common security parameter settings - Audit Object Access
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c/10.2.2 Verify common security parameter settings - Audit Privilege Use
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c/10.2.7 Verify common security parameter settings - Audit System Events
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Deny Log on as a batch job
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Guest account is disabled
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Deny Guest access to this computer from the network
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Maximum Security Log Size (KB)
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Limit blank passwords to console logon only
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Store Passwords Using Reversible Encryption
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Enable Safe DLL search mode
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Check LegalNoticeCaption is specified
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Limit Access this computer from the network
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Prevent users from installing printer drivers
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Audit Policy Change
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Audit Account Management
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Rename Administrator Account
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Rename Guest Account
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Account Lockout Duration
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Minimum Password Age
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Audit Logon Events
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Maximum Application Log Size (KB)
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Do Not Display Last User Name
PASSED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Maximum System Log Size (KB)
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Check LegalNoticeText is specified
FAILED PCI 2.2.3/2.2.3.b/2.2.3.c Verify common security parameter settings - Unsigned Driver Installation Behavior: Warn, but allow
WARNING PCI 3.2.1 Do not store the full contents of any track
WARNING PCI 3.2.2 Do not store the card verification code
WARNING PCI 3.2.3 Do not store the personal identification number (PIN)
PASSED PCI 3.4.1.a If disk encryption is used, verify that logical access is not allowed using local user account databases
PASSED PCI 5.1 Deploy anti-virus software on all systems commonly affected by malicious software (root\SecurityCenter2)
PASSED PCI 5.1 Deploy anti-virus software on all systems commonly affected by malicious software (root\SecurityCenter)
WARNING PCI 5.2 Ensure that all anti-virus mechanisms are current, actively running, and generating audit logs
PASSED PCI 5.2 Ensure that all anti-virus mechanisms are current, actively running, and generating audit logs (WMI)
PASSED PCI 7.2.2/10.5.1 Assignment of privileges to individuals based on job classification and function - System Log Restrict Guest Access
PASSED PCI 7.2.2/10.5.1 Assignment of privileges to individuals based on job classification and function - Security Log Restrict Guest Access
PASSED PCI 7.2.2/10.5.1 Assignment of privileges to individuals based on job classification and function - Application Log Restrict Guest Access
FAILED PCI 8.5.15 Re-authenticate to re-activate the terminal or session if idle for 15 or more minutes (MaxIdleTime)
PASSED PCI 8.5.15 Re-authenticate to re-activate the terminal or session if idle for 15 or more minutes
WARNING PCI 9.7 Maintain strict control over the internal or external distribution of any kind of media - 'Floppies'
WARNING PCI 9.7 Maintain strict control over the internal or external distribution of any kind of media - 'CD-ROM'
FAILED PCI 9.7 Maintain strict control over the internal or external distribution of any kind of media - 'UsbStor\Start'
WARNING PCI 9.7 Maintain strict control over the internal or external distribution of any kind of media - 'USB'
WARNING PCI 9.7 Maintain strict control over the internal or external distribution of any kind of media - 'Nessus plugin ID 24274'
WARNING PCI 10.4 Synchronize all critical system clocks and times - Maximum tolerance for computer clock synchronization
PASSED PCI 10.4.1 Critical systems have the correct and consistent time - 'Type'
PASSED PCI 10.4.1 Critical systems have the correct and consistent time - 'FrequencyCorrectRate'
PASSED PCI 10.4.1 Critical systems have the correct and consistent time - 'CrossSiteSyncFlags'
PASSED PCI 10.4.1 Critical systems have the correct and consistent time - 'InputProvider'
PASSED PCI 10.4.1 Critical systems have the correct and consistent time - 'Enabled'
PASSED PCI 10.4.3 Time settings are received from industry-accepted time sources
FAILED PCI 10.7 Retain audit trail history for at least one year - Retain security log
FAILED PCI 10.7 Retain audit trail history for at least one year - Retain application log
FAILED PCI 10.7 Retain audit trail history for at least one year - Retain system log
WARNING PCI 11.1 Test for the presence of wireless access points on a quarterly basis
WARNING PCI 11.2 Run internal and external network vulnerability scans at least quarterly