[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

Audit: Audit the use of Backup and Restore privilege

ID: oval:gov.nist.usgcb.windowsseven:def:56Date: (C)2012-04-13   (M)2017-10-21
Class: COMPLIANCEFamily: windows




This security setting determines whether to audit the use of all user privileges, including Backup and Restore, when the Audit privilege use policy is in effect. Enabling this option when the Audit privilege use policy is also enabled generates an audit event for every file that is backed up or restored. If you disable this policy, then use of the Backup or Restore privilege is not audited even when Audit privilege use is enabled. Note: On Windows versions prior to Windows Vista configuring this security setting, changes will not take effect until you restart Windows. Enabling this setting can cause a LOT of events, sometimes hundreds per second, during a backup operation. Default: Disabled. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\Audit: Audit the use of Backup and Restore privilege (2) REG: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa!FullPrivilegeAuditing

Platform:
Microsoft Windows 7
Reference:
CCE-8789-0
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-8789-0
XCCDF    9
xccdf_org.secpod_benchmark_cip_std_ver3_Windows_7
xccdf_hippa_benchmark_Windows_7
xccdf_org.secpod_benchmark_ISO27001_Windows_7
xccdf_gov.nist_benchmark_USGCB-Windows-7
...

© 2013 SecPod Technologies