PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Security: Perform volume maintenance tasks user right must only be assigned to the Administrators group

5613a14d-01b4-4051-94f3-c6f7e752c7fd

Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities.

Accounts with the "Perform volume maintenance tasks" user right can manage volume and disk configurations. This could be used to delete volumes, resulting in data loss or a denial of service.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ User Rights Assignment
|_ Perform volume maintenance tasks to include only the following accounts or groups:
- Administrators

STIG: Server
2025: https://system32.eventsentry.com/stig/viewer/V-278259
2022: https://system32.eventsentry.com/stig/viewer/V-254509
2019: https://system32.eventsentry.com/stig/viewer/V-205765
2016: https://system32.eventsentry.com/stig/viewer/V-225088

Desktop
W11: https://system32.eventsentry.com/stig/viewer/V-253503
W10: https://system32.eventsentry.com/stig/viewer/V-220980

NIST 800-53 : AC-3, AC-6, CM-6
NIST 800-171: 3.1.1, 3.1.2, 3.4.6
CMMC v2.0 L2: AC.L2-3.1.1, AC.L2-3.1.2, CM.L2-3.4.6
PCI-DSS v4.0: 2.2.1, 7.2.1
HIPAA SR : ยง164.312(a)(1)
HIPAA HICP : Practice 3 (Identity and Access Management)



Tags

stig-medium-serverstig-medium-desktopnist800-171-servernist800-171-desktopnist800-53-desktopnist800-53-serverpci-dss-v4-desktoppci-dss-v4-serverhipaa-desktophipaa-servercmmc2-l2-desktopcmmc2-l2-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.