The Federal Desktop Core Configuration is a list of security settings recommended by the National Institute of Standards and Technology for general-purpose microcomputers that are connected directly to the network of a United States government agency.
On 20 March 2007, the Office of Management and Budget issued a memorandum instructing United States government agencies to develop plans for using the Microsoft Windows XP and Vista security configurations.
[1][2] The United States Air Force common security configurations for Windows XP were proposed as an early model on which standards could be developed.
[2] The FDCC baseline was developed (and is maintained) by the National Institute of Standards and Technology in collaboration with OMB, DHS, DOI, DISA, NSA, USAF and Microsoft,[2] with input from public comment.
(See Wikipedia SCAP page) The Windows platform was built for easy interoperability and networking and therefore left opportunities within the operating systems for all types of auto- and semi-automatic connections to other computers.
[5] In recognition that not all recommended settings will be practical for every system, exceptions (such as "authorized enterprise wireless networks") can be made if documented in an FDCC deviation report.