Verify the effective setting in Local Group Policy Editor.Run "gpedit.msc".Navigate to Local Computer Policy >> Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options.If the value for "Network access: Allow anonymous SID/Name translation" is not set to "Disabled", this is a finding.For server core installations, run the following command:Secedit /Export /Areas SecurityPolicy /CFG C:\Path\FileName.TxtIf "LSAAnonymousNameLookup" equals "1" in the file, this is a finding.

Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Local Policies >> Security Options >> "Network access: Allow anonymous SID/Name translation" to "Disabled".