(imported topic written by SmearODeer91)
On This fixlet, “W05: Windows Configuration Weaknesses - Disable LM Authentication Across the Network - Windows NT/2000/XP/2003 Clients”, the SANS referance and the Microsoft resources point to a Different answer then is presented in this Fixlet. The value presented in this fixlet is an Absolute value of “is not 3” when in reality if the value is “< 3” the fixlet appies as 3 4 and 5 values represent meeting/Good, more restrictive/Better and most/Best. I Have not gone through all the content in regards to security but will be based on this finding.
Hence: Is this an intentional setting or would it be in all users best interest to have it set to not be relevetent if any of the 3, 4, or 5 values are met? As 3 and above meet the recommendation for security.