These all system restrictions work for Windows NT/2000/XP only. These system restrictions will affect all users of the computer.
Restricting Access to the Event Logs - The Windows NT event log contains records documenting application, security and system events taking place on the machine. This tweak allows you to restrict access to administrators and system accounts only.
Stopping the KnownDLLs Vulnerability - In Windows NT, core operating system DLLs are kept in virtual memory and shared between the programs running on the system. This has exposed a vulnerability thatcould allow a user to gain administrative privileges on the computer the user is interactively logged onto.
Securing Network Access to CD-ROM Drives - This setting determines whether data in the CD-ROM drive is accessible to other users. This value entry satisfies, in part, the C2 security requirement that you must be able to secure removable media.
Securing Network Access to Floppy Drives - This setting determines whether data in the floppy disk drive is accessible to other users. This value entry satisfies, in part, the C2 security requirement that you must be able to secure removable media.
Require Alphanumeric Windows Password - Windows by default will accept anything as a password, including nothing. This setting controls whether Windows will require a alphanumeric password, i.e. a password made from a combination of alpha (A, B, C...) and numeric (1, 2 ,3 ...) characters.
Control the Automatic Restarting of the Shell - By default if the Windows NT user interface or one of its components fails, the interface is restarted automatically, the can be changed so that you must restart the interface by logging off and logging on again manually.
Clear the Page File at System Shutdown - Windows normally does not not clear or recreate the page file. On a heavy used system this can be both a security threat and performance drop. Enabling this setting will cause Windows to clear the page file whenever the system is shutdown.
Disabled Password Caching - Normally Windows caches a copy of the users password on the local system to allow for additional automation, this leads to a possible security threat on some systems. Disabling caching means the users passwords are not cached locally. This setting also removes the second Windows password screen and also remove the possibility of networks passwords to get out of sync.
See also :
Quick Start
Main menu - File
Administrator's password