[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98503

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-43276-5

Platform: win10Date: (C)2016-09-23   (M)2017-10-23



Disable: 'Audit: Audit the access of global system objects' for AuditBaseObjects This policy setting creates a default system access control list (SACL) for system objects such as mutexes (mutual exclusive), events, semaphores, and MS-DOS devices, and causes access to these system objects to be audited. If the Audit: Audit the access of global system objects setting is enabled, a very large number of security events could quickly fill the Security event log. Counter Measure: Enable the Audit: Audit the access of global system objects setting. Potential Impact: If you enable the Audit: Audit the access of global system objects setting, a large number of security events could be generated, especially on busy domain controllers and application servers. Such an occurrence could cause servers to respond slowly and force the Security log to record numerous events of little significance. This policy setting can only be enabled or disabled, and there is no way to choose which events are recorded. Even organizations that have the resources to analyze events that are generated by this policy setting would not likely have the source code or a description of what each named object is used for. Therefore, it is unlikely that many organizations could benefit by enabling this policy setting.


Parameter:


Technical Mechanism: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Audit: Audit the access of global system objects

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35259


OVAL    1
oval:org.secpod.oval:def:35259
XCCDF    4
xccdf_org.secpod_benchmark_general_Windows_10
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
...

© 2013 SecPod Technologies