this post was submitted on 13 Dec 2023
11 points (100.0% liked)
cybersecurity
3295 readers
35 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Reviewing the CIS recommended hardening config for Windows Server. Just realized that you shouldn’t just look at the failed controls but the ones that passed too. One control when enabled actually passes command line entries into the audit log in plain text, so that includes passwords.