[Forgot Password]
Login  Register Subscribe

23631

 
 

127027

 
 

102010

 
 

909

 
 

81365

 
 

131

Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege Use: Audit Sensitive Privilege Use

ID: oval:gov.nist.usgcb.windowsseven:def:199Date: (C)2012-04-13   (M)2018-02-19
Class: COMPLIANCEFamily: windows




This policy setting allows you to audit events generated when sensitive privileges (user rights) are used such as the following: A privileged service is called. One of the following privileges are called: Act as part of the operating system. Back up files and directories. Create a token object. Debug programs. Enable computer and user accounts to be trusted for delegation. Generate security audits. Impersonate a client after authentication. Load and unload device drivers. Manage auditing and security log. Modify firmware environment values. Replace a process-level token. Restore files and directories. Take ownership of files or other objects. If you configure this policy setting, an audit event is generated when sensitive privilege requests are made. Success audits record successful requests and Failure audits record unsuccessful requests. If you do not configure this policy setting, no audit event is generated when sensitive privilege requests are made. Volume: High. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Privilege Use\Audit Sensitive Privilege Use (2) REG: INFO NOT AVAILABLE

Platform:
Microsoft Windows 7
Reference:
CCE-9172-8
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9172-8
XCCDF    12
xccdf_org.secpod_benchmark_Windows_7
xccdf_org.secpod_benchmark_general_Windows_7
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_7
xccdf_org.secpod_benchmark_ISO27001_Windows_7
...

© 2013 SecPod Technologies