[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Audit Policy: Policy Change: Filtering Platform Policy Change (Failure)

ID: oval:org.secpod.oval:def:19005Date: (C)2014-05-29   (M)2021-06-02
Class: COMPLIANCEFamily: windows




Auditing of Policy Change: Filtering Platform Policy Change events on failure should be enabled or disabled as appropriate. Audit Filtering Platform Policy Change, which determines whether the operating system generates audit events for certain IPsec and Windows Filtering Platform actions. Windows Filtering Platform (WFP) enables independent software vendors (ISVs) to filter and modify TCP/IP packets, monitor or authorize connections, filter Internet Protocol security (IPsec)-protected traffic, and filter remote procedure calls (RPCs). This security policy setting determines whether the operating system generates audit events for: * IPsec services status. * Changes to IPsec settings. * Status and changes to the Windows Filtering Platform engine and providers. * IPsec Policy Agent service activities. Fix: (1) GPO: Commandline: auditpol.exe (2) REG: NO INFO

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11006-4
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11006-4

© SecPod Technologies