Skip to content

Update Windows ntuser test to mandate creation of collected item for a given ntuser.dat file even if the registry key/name does not exist #308

@vanderpol

Description

@vanderpol

Currently, some of the STIG rules stipulate that a for a user to be compliant, a certain registry value needs to exist and be set properly. However, the ntuser_test doesn’t have a way to enforce that a given registry key must exist for each user on the system. If one compliant user is found, an ntuser_item is collected for that user, and non-compliant users are skipped (so long as the key of interest is not present – which is often the default), and the rule is given a pass.

In NIWC's SCC application, they force the creation of a 'does not exist' item, which is allowed in OVAL and allows content to then report correctly, but is not being implemented this way in other tools, leading to inconsistently results.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Relationships

None yet

Development

No branches or pull requests

Issue actions