[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78764

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege Use: Audit Sensitive Privilege Use

ID: oval:gov.nist.usgcb.windowsseven:def:199Date: (C)2012-04-13   (M)2017-10-26
Class: COMPLIANCEFamily: windows




This policy setting allows you to audit events generated when sensitive privileges (user rights) are used such as the following: A privileged service is called. One of the following privileges are called: Act as part of the operating system. Back up files and directories. Create a token object. Debug programs. Enable computer and user accounts to be trusted for delegation. Generate security audits. Impersonate a client after authentication. Load and unload device drivers. Manage auditing and security log. Modify firmware environment values. Replace a process-level token. Restore files and directories. Take ownership of files or other objects. If you configure this policy setting, an audit event is generated when sensitive privilege requests are made. Success audits record successful requests and Failure audits record unsuccessful requests. If you do not configure this policy setting, no audit event is generated when sensitive privilege requests are made. Volume: High. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Privilege Use\Audit Sensitive Privilege Use (2) REG: INFO NOT AVAILABLE

Platform:
Microsoft Windows 7
Reference:
CCE-9172-8
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9172-8
XCCDF    10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_7
xccdf_gov.nist_benchmark_USGCB-Windows-7
xccdf_nist_benchmark_Windows_7
xccdf_org.secpod_benchmark_Windows_7
...

© 2013 SecPod Technologies