Audit Policy: Object Access: Detailed File ShareID: oval:org.secpod.oval:def:19065 | Date: (C)2014-05-29 (M)2021-06-02 |
Class: COMPLIANCE | Family: windows |
Auditing of Object Access: Detailed File Share events on failure should be enabled or disabled as appropriate.
Audit Detailed File Share, which allows you to audit attempts to access files and folders on a shared folder. The Detailed File Share setting logs an event every time a file or folder is accessed, whereas the File Share setting only records one event for any connection established between a client computer and file share. Detailed File Share audit events include detailed information about the permissions or other criteria used to grant or deny access.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Object Access\Audit Policy: Object Access: Detailed File Share
(2) REG: NO INFO
Platform: |
Microsoft Windows Server 2008 R2 |