[Forgot Password]
Login  Register Subscribe

24003

 
 

131573

 
 

108741

 
 

909

 
 

85475

 
 

134

Paid content will be excluded from the download.


Download | Alert*
OVAL

Audit Policy: Audit object access

ID: oval:org.secpod.oval:def:14716Date: (C)2013-08-13   (M)2018-03-06
Class: COMPLIANCEFamily: windows




This security setting determines whether the OS audits user attempts to access non-Active Directory objects. Audit is only generated for objects that have system access control lists (SACL) specified, and only if the type of access requested (such as Write, Read, or Modify) and the account making the request match the settings in the SACL. The administrator can specify whether to audit only successes, only failures, both successes and failures, or to not audit these events at all (i.e. neither successes nor failures). If Success auditing is enabled, an audit entry is generated each time any account successfully accesses a non-Directory object that has a matching SACL specified. If Failure auditing is enabled, an audit entry is generated each time any user unsuccessfully attempts to access a non-Directory object that has a matching SACL specified. Note that you can set a SACL on a file system object using the Security tab in that object's Properties dialog box. Default: No auditing. Important: For more control over auditing policies, use the settings in the Advanced Audit Policy Configuration node. For more information about Advanced Audit Policy Configuration, see http://go.microsoft.com/fwlink/?LinkId=140969. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy\Audit object access (2) REG: INFO NOT AVAILABLE

Platform:
Microsoft Windows 7
Reference:
CCE-9162-9
CPE    1
cpe:/o:microsoft:windows_7
CCE    1
CCE-9162-9
XCCDF    3
xccdf_org.secpod_benchmark_cip_std_ver3_Windows_7
xccdf_hippa_benchmark_Windows_7
xccdf_nist_benchmark_Windows_7

© SecPod Technologies