I am still new to SCM, but was noticing that there are settings that are available in the Security Configuration and Analysis snap-in that are not available in the SCM baselines. For example (Windows 7), in Local Policies/Security Options the setting for "Network access: Allow anonymous SID/Name translation" is available from the snap-in, but I do not see that setting in any of the Baseline Windows 7 Policies in SCM (e.g. Win7-EC-Desktop 1.0). It seems like just a subset of the available settings are available in SCM. Is there a reason for this? Or do I have an incorrect conception of how the SCM is supposed to be used/applied?
Thanks for your help!
Jay