Audit Policy: Policy Change: Other Policy Change Events (Failure)ID: oval:org.secpod.oval:def:19019 | Date: (C)2014-05-29 (M)2021-06-02 |
Class: COMPLIANCE | Family: windows |
Auditing of Policy Change: Other Policy Change Events events on failure should be enabled or disabled as appropriate.
Audit Other Policy Change Events, which determines whether the operating system generates audit events for security policy changes that are not otherwise audited in the Policy Change category. These other activities in the Policy Change category that can be audited include: * Trusted Platform Module (TPM) configuration changes. * Kernel-mode cryptographic self tests. * Cryptographic provider operations. * Cryptographic context operations or modifications.
Fix:
(1) GPO: Commandline: auditpol.exe
(2) REG: NO INFO
Platform: |
Microsoft Windows Server 2008 R2 |