Includes all the checks from the L3 NT Server policy, and adds attacks based on brute force account guessing, vulnerabilities that require exploit tools, or complex multi-stage attacks. This policy also tests for missing operating system patches.