[Forgot Password]
Login  Register Subscribe

24128

 
 

131573

 
 

110210

 
 

909

 
 

86021

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Audit Policy: Policy Change: Other Policy Change Events

ID: oval:org.secpod.oval:def:23010Date: (C)2015-01-07   (M)2018-03-24
Class: COMPLIANCEFamily: windows




This subcategory reports other types of security policy changes such as configuration of the Trusted Platform Module (TPM) or cryptographic providers. Events for this subcategory include: ? 4909: The local policy settings for the TBS were changed. ? 4910: The group policy settings for the TBS were changed. ? 5063: A cryptographic provider operation was attempted. ? 5064: A cryptographic context operation was attempted. ? 5065: A cryptographic context modification was attempted. ? 5066: A cryptographic function operation was attempted. ? 5067: A cryptographic function modification was attempted. ? 5068: A cryptographic function provider operation was attempted. ? 5069: A cryptographic function property operation was attempted. ? 5070: A cryptographic function property modification was attempted. ? 5447: A Windows Filtering Platform filter has been changed. ? 6144: Security policy in the group policy objects has been applied successfully. ? 6145: One or more errors occurred while processing security policy in the group policy objects. Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Audit Policies\Policy Change!The policy setting for this audit category determines whether to audit Other Policy Change events on computers running Windows Vista or later Windows operating systems. (2) REG: NO REGISTRY INFO

Platform:
Microsoft Windows Server 2012 R2
Reference:
CCE-38029-5
CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    1
CCE-38029-5

© SecPod Technologies