[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Audit Policy: Policy Change: Other Policy Change Events

ID: oval:org.secpod.oval:def:23010Date: (C)2015-01-07   (M)2021-06-02
Class: COMPLIANCEFamily: windows




This subcategory reports other types of security policy changes such as configuration of the Trusted Platform Module (TPM) or cryptographic providers. Events for this subcategory include: ? 4909: The local policy settings for the TBS were changed. ? 4910: The group policy settings for the TBS were changed. ? 5063: A cryptographic provider operation was attempted. ? 5064: A cryptographic context operation was attempted. ? 5065: A cryptographic context modification was attempted. ? 5066: A cryptographic function operation was attempted. ? 5067: A cryptographic function modification was attempted. ? 5068: A cryptographic function provider operation was attempted. ? 5069: A cryptographic function property operation was attempted. ? 5070: A cryptographic function property modification was attempted. ? 5447: A Windows Filtering Platform filter has been changed. ? 6144: Security policy in the group policy objects has been applied successfully. ? 6145: One or more errors occurred while processing security policy in the group policy objects. Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\Audit Policies\Policy Change!The policy setting for this audit category determines whether to audit Other Policy Change events on computers running Windows Vista or later Windows operating systems. (2) REG: NO REGISTRY INFO

Platform:
Microsoft Windows Server 2012 R2
Reference:
CCE-38029-5
CPE    1
cpe:/o:microsoft:windows_server_2012::r2:x64
CCE    1
CCE-38029-5

© SecPod Technologies