Object Access: Audit Certification ServicesID: oval:org.secpod.oval:def:14755 | Date: (C)2013-08-13 (M)2022-10-10 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to audit Active Directory Certificate Services (AD CS) operations.
AD CS operations include the following:
AD CS startup/shutdown/backup/restore.
Changes to the certificate revocation list (CRL).
New certificate requests.
Issuing of a certificate.
Revocation of a certificate.
Changes to the Certificate Manager settings for AD CS.
Changes in the configuration of AD CS.
Changes to a Certificate Services template.
Importing of a certificate.
Publishing of a certification authority certificate is to Active Directory Domain Services.
Changes to the security permissions for AD CS.
Archival of a key.
Importing of a key.
Retrieval of a key.
Starting of Online Certificate Status Protocol (OCSP) Responder Service.
Stopping of Online Certificate Status Protocol (OCSP) Responder Service.
Volume: Medium or Low on computers running Active Directory Certificate Services.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Object Access\Audit Certification Services
(2) REG: INFO NOT AVAILABLE
Platform: |
Microsoft Windows 7 |