[Forgot Password]
Login  Register Subscribe

23631

 
 

121127

 
 

98218

 
 

909

 
 

79224

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Logon-Logoff: Audit Logon

ID: oval:gov.nist.usgcb.windowsseven:def:175Date: (C)2012-04-13   (M)2017-10-26
Class: COMPLIANCEFamily: windows




This policy setting allows you to audit events generated by user account logon attempts on the computer. Events in this subcategory are related to the creation of logon sessions and occur on the computer which was accessed. For an interactive logon, the security audit event is generated on the computer that the user account logged on to. For a network logon, such as accessing a shared folder on the network, the security audit event is generated on the computer hosting the resource. The following events are included: Successful logon attempts. Failed logon attempts. Logon attempts using explicit credentials. This event is generated when a process attempts to log on an account by explicitly specifying that account's credentials. This most commonly occurs in batch logon configurations, such as scheduled tasks or when using the RUNAS command. Security identifiers (SIDs) were filtered and not allowed to log on. Volume: Low on a client computer. Medium on a domain controller or a network server Default on Client edtions: Success. Default on Server editions: Success, Failure. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Logon-Logoff\Audit Logon (2) REG: INFO NOT AVAILABLE

Platform:
Microsoft Windows 7
Reference:
CCE-9213-0
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9213-0
XCCDF    10
xccdf_gov.nist_benchmark_USGCB-Windows-7
xccdf_nist_benchmark_Windows_7
xccdf_org.secpod_benchmark_Windows_7
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_7
...

© 2013 SecPod Technologies