Windows XP Base Security Template Version 1.3




Policy Computer Setting
Enforce password history 18 passwords remembered
Maximum password age 360 days
Minimum password age 1 days
Minimum password length 8 characters
Password must meet complexity requirements Enabled
Store password using reversible encryption for all users in the domain Disabled
Deny access to this computer from the network administrator
Policy Computer Setting
Account lockout duration 15 minutes
Account lockout threshold 7 invalid logon attempts
Reset account lockout counter after 15 minutes




Policy Computer Setting
Accounts: Guest account status Disabled
Accounts: Limit local account use of blank passwords to console logon only Enabled
Interactive logon: Message title for users attempting to log on Base Security Template V1.2
Network access: Allow anonymous SID/Name translation Disabled
Network access: Do not allow anonymous enumeration of SAM accounts Enabled
Network access: Do not allow anonymous enumeration of SAM accounts and shares Enabled
Network security: Do not store LAN Manager hash value on next password change Enabled
Network security: LAN Manager authentication level Send NTLMv2 response only\refuse LM & NTLM
Network security: Minimum session security for NTLM SSP based (including secure RPC) clients Require NTLMv2 session security,Require 128-bit encryption
Network security: Minimum session security for NTLM SSP based (including secure RPC) servers Require NTLMv2 session security,Require 128-bit encryption




Policy Computer Setting
Maximum application log size 9984 kilobytes
Maximum security log size 99968 kilobytes
Maximum system log size 9984 kilobytes
Prevent local guests group from accessing application log Enabled
Prevent local guests group from accessing security log Enabled
Prevent local guests group from accessing system log Enabled
Recovery Console: Allow automatic administrative logon Disabled
Retention method for application log As needed
Retention method for security log As needed
Retention method for system log As needed




Policy Computer Setting
Audit account logon events Success, Failure
Audit account management Success, Failure
Audit logon events Success, Failure
Audit object access Failure
Audit policy change Success, Failure
Audit privilege use Failure
Audit system events Success, Failure