Do not attempt
to implement any of the settings in this guide without first testing
them in a non-operational environment. These recommendations should
be applied only to the Windows XP Professional SP2/SP3 Systems and will
not work on Windows 9X/ME, Windows NT, Windows 2000, Windows Server
2003, Windows Vista or Windows Server 2008. The security templates have been tested on WinXP Professional
SP2 systems and will not work on Windows 9X/ME, Windows NT, Windows
2000, Windows Server 2003, Windows Vista or Windows Server 2008. The NIST Windows Security Baseline database application has been tested on Windows XP Professional and Vista.
is only a guide containing recommended security settings; it is
not meant to replace well-structured policy or sound judgment. Furthermore
this guide does not address site-specific configuration issues.
Care must be taken when implementing this guide to address local
operational and policy concerns.
was developed at the National Institute of Standards and Technology,
which collaborated with OMB, NSA, DISA, USAF, CIS, and Microsoft to produce
the Windows XP security templates. Pursuant to title 17 Section
105 of the United States Code this document and template are not
subject to copyright protection and is in the public domain. NIST
assumes no responsibility whatsoever for its use by other parties,
and makes no guarantees, expressed or implied, about its quality,
reliability, or any other characteristic. We would appreciate acknowledgement
if the document and template are used.