[Forgot Password]
Login  Register Subscribe

24128

 
 

131615

 
 

111604

 
 

909

 
 

87185

 
 

136

Paid content will be excluded from the download.


Download | Alert*
OVAL

Generate security audits

ID: oval:org.secpod.oval:def:36550Date: (C)2016-08-05   (M)2018-07-10
Class: COMPLIANCEFamily: windows




This security setting determines which accounts can be used by a process to add entries to the security log. The security log is used to trace unauthorized system access. Misuse of this user right can result in the generation of many auditing events, potentially hiding evidence of an attack or causing a denial of service if the Audit: Shut down system immediately if unable to log security audits security policy setting is enabled. For more information see Audit: Shut down system immediately if unable to log security audits Default: Local Service Network Service Counter Measure: Ensure that only the Service and Network Service accounts have the Generate security audits user right assigned to them. Potential Impact: None. This is the default configuration. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Generate security audits (2) REG: ### (3) WMI: root\rsop\computer#RSOP_UserPrivilegeRight#AccountList#UserRight='SeAuditPrivilege' and precedence=1

Platform:
Microsoft Windows 10
Reference:
CCE-41566-1
CCE    1
CCE-41566-1
XCCDF    4
xccdf_org.secpod_benchmark_general_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
...

© SecPod Technologies