[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

78029

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CCE
view XML

CCE-44139-4

Platform: win10Date: (C)2016-09-23   (M)2017-10-18



Disable: 'Control Security Event Log behavior when the log file reaches its maximum size' This policy setting controls Event Log behavior when the log file reaches its maximum size. If you enable this policy setting and a log file reaches its maximum size, new events are not written to the log and are lost. If you disable or do not configure this policy setting and a log file reaches its maximum size, new events overwrite old events. Note: Old events may or may not be retained according to the "Backup log automatically when full" policy setting. Counter Measure: Configure this setting to Disabled. Potential Impact: If you enable this policy setting and a log file reaches its maximum size, new events are not written to the log and are lost. If you disable or do not configure this policy setting and a log file reaches its maximum size, new events overwrite old events."


Parameter:


Technical Mechanism: (1) GPO: Computer Configuration\Administrative Templates\Windows Components\Event Log Service\Security\Control Event Log behavior when the log file reaches its maximum size (2) REG: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\EventLog\Security\Retention

References:

Resource IdReference
SCAP Repo OVAL Definitionoval:org.secpod.oval:def:35392


OVAL    1
oval:org.secpod.oval:def:35392
XCCDF    4
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_general_Windows_10
...

© 2013 SecPod Technologies