Accounts: Local Guest account should be disabled

538d811a-0a0a-4336-8294-63bc2c092ebb

The default Guest account allows unauthenticated network users to log on as a Guest with no password. These unauthorized users could access any resources that are accessible to the Guest account over the network. This capability means that any shared folders with permissions that allow access to the Guest account, the Guests group, or the Everyone group are accessible over the network, which could lead to the exposure or corruption of data. It is best practice to disable the local Guest account.

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/accounts-guest-account-status
https://www.stigviewer.com/stig/windows_server_20122012_r2_domain_controller/2019-01-16/finding/V-1113


stig-medium-server
stig-medium-desktop
desktop
server
compliance-server
compliance-desktop
nist800-171
cmmc-l1