The built-in guest account will be renamed.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-1114	4.021	SV-32292r1_rule	IAAC-1	Medium

Description
A system faces an increased vulnerability threat if the built-in guest account is not renamed or disabled. The built-in guest account is a known user account on all Windows systems, and as initially installed, does not require a password. This can allow access to system resources by unauthorized users. This account is a member of the group Everyone and has all the rights and permissions associated with that group and could provide access to system resources to unauthorized users.

Description

A system faces an increased vulnerability threat if the built-in guest account is not renamed or disabled. The built-in guest account is a known user account on all Windows systems, and as initially installed, does not require a password. This can allow access to system resources by unauthorized users. This account is a member of the group Everyone and has all the rights and permissions associated with that group and could provide access to system resources to unauthorized users.

STIG	Date
Windows Server 2008 R2 Domain Controller Security Technical Implementation Guide	2014-07-09

Details

Check Text ( None )
None

Fix Text (F-28806r1_fix)
Configure the policy value for Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options -> “Accounts: Rename guest account” to a value other than “Guest”.