Ensure No Auditing for 'Audit Policy: Object Access: Kernel Object'
|ID: oval:org.secpod.oval:def:22479||Date: (C)2015-01-07 (M)2018-03-26|
|Class: COMPLIANCE||Family: windows|
This settings determines whether to audit the event of a user who attempts to access an object that has a specified system access control list (SACL), effectively enabling auditing to take place. It is targeted to Kernal Object access processes.
|Microsoft Windows 8.1|