Object Access: Audit Certification Services
|ID: oval:org.secpod.oval:def:14755||Date: (C)2013-08-13 (M)2017-10-21|
|Class: COMPLIANCE||Family: windows|
This policy setting allows you to audit Active Directory Certificate Services (AD CS) operations.
AD CS operations include the following:
AD CS startup/shutdown/backup/restore.
Changes to the certificate revocation list (CRL).
New certificate requests.
Issuing of a certificate.
Revocation of a certificate.
Changes to the Certificate Manager settings for AD CS.
Changes in the configuration of AD CS.
Changes to a Certificate Services template.
Importing of a certificate.
Publishing of a certification authority certificate is to Active Directory Domain Services.
Changes to the security permissions for AD CS.
Archival of a key.
Importing of a key.
Retrieval of a key.
Starting of Online Certificate Status Protocol (OCSP) Responder Service.
Stopping of Online Certificate Status Protocol (OCSP) Responder Service.
Volume: Medium or Low on computers running Active Directory Certificate Services.
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Object Access\Audit Certification Services
(2) REG: INFO NOT AVAILABLE
|Microsoft Windows 7|