Tests run by the National Security Agency demonstrate that by applying security configuration benchmarks, specifically the Center for Internet Security/NSA/GSA/NIST Windows 2000 Consensus Security Baseline Settings, “eliminated more than 95% of high priority vulnerabilities (as determined by a popular commercial scanner) and 91% of all vulnerabilities.” Read the entire report in the US Department of Defense Information Assurance Newsletter Security Benchmarks: A Gold Standard. The Center for Internet Security has available, free of charge, Benchmarks and Security Tools that scan systems and compare them against these non-proprietary security-enhancing benchmarks that reflect best practices on how systems should be configured and operated. (Note: Center for Internet Security is “a not-for-profit cooperative organization assisting network users and operators, and their insurers and auditors, to reduce the risk of significant disruptions of electronic commerce and business operations due to technical failures or deliberate attacks.”)