This evening, I’m working on creating a Windows XP SP2 hardening guide based on NIST document 800-68. In the document, NIST suggests enabling SafeDllSearchMode. From reading Protect Your Windows Network by Jesper Johansson and Steve Riley, I know that SafeDllSearchMode is turned on by default in Windows XP Service Pack 1 and higher.
I suppose they could be saying that creating the registry key and making sure it remains equal to 1 is easier than making sure it never gets created equal to zero. Hardening is more than just applying settings once; you need to make sure they remain set that way.
The way it comes across is that they weren’t aware of the default value.
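
One way to check that the setting stays put, as an added example that is not part of the original post or the NIST guide: a PowerShell script that tells apart the three cases discussed above (value absent so the default applies, explicitly 1, explicitly something else) and, with a switch, writes the explicit 1. The state labels, the `-Enforce` switch and the exit codes are assumptions of this example; it also assumes PowerShell is installed and that enforcement runs as an administrator.

```powershell
# Added example: audit SafeDllSearchMode and, with -Enforce, pin it to 1.
# Not code from the original post or from the NIST guide.
param([switch]$Enforce)

$KeyPath   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$ValueName = 'SafeDllSearchMode'

function Get-SafeDllSearchModeState {
    # Returns one of three labels (names chosen for this example):
    #   Absent   - value not present, so the OS default applies
    #   Explicit - value present and equal to 1
    #   Disabled - value present but not 1 (0 turns the safe search order off)
    $key = Get-Item -Path $KeyPath
    if ($key.GetValueNames() -notcontains $ValueName) { return 'Absent' }
    if ($key.GetValue($ValueName) -eq 1) { return 'Explicit' }
    return 'Disabled'
}

$state = Get-SafeDllSearchModeState
Write-Output "SafeDllSearchMode state: $state"

if ($Enforce -and $state -ne 'Explicit') {
    # -Force overwrites the value if it already exists.
    New-ItemProperty -Path $KeyPath -Name $ValueName `
        -PropertyType DWord -Value 1 -Force | Out-Null
    $state = Get-SafeDllSearchModeState
    Write-Output "SafeDllSearchMode state after enforcement: $state"
}

# Exit codes for a scheduled task or compliance scan (example convention):
#   0 = explicit 1, 1 = relying on the default, 2 = disabled
switch ($state) {
    'Explicit' { exit 0 }
    'Absent'   { exit 1 }
    default    { exit 2 }
}
```

Run without `-Enforce` on a schedule, the exit code separates a machine that is merely relying on the default from one where the value has been explicitly set or turned off.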