|Paid content will be excluded from the download.
| Matches : 14865
|Ensure No Auditing for 'Audit Policy: Detailed Tracking: Process Termination'
This subcategory reports when a process terminates. Events for this subcategory include:
- 4689: A process has exited.
Refer to the Microsoft Knowledgebase article 'Description of security events in Windows Vista and in Windows Server 2008' for the most recent information about this setting: http://support.micro ...
Prevent changing screen saver
Prevents the Screen Saver dialog from opening in the Personalization or Display Control Panel.
This setting prevents users from using Control Panel to add, configure, or change the screen saver on the computer. It does not prevent a screen saver from running.
Enable this policy setting if you want to force users to use a specific screen sav ...
Ensure Audit Success and Failure for 'Audit Policy: System: Security System Extension'
This subcategory reports the loading of extension code such as authentication packages by the security subsystem. Events for this subcategory include:
- 4610: An authentication package has been loaded by the Local Security Authority.
- 4611: A trusted logon process has been registered with the Local Se ...
Password protect the screen saver
If the Password protect the screen saver setting is enabled, then all screen savers are password protected, if it is disabled then password protection cannot be set on any screen saver.
Configure this policy setting to Enabled so that when the other screen saver settings are implemented the risk of a user's desktop session being hijacked ...
Ensure No Auditing for 'Audit Policy: Policy Change: Audit Policy Change'
This subcategory reports changes in audit policy including SACL changes. Events for this subcategory include:
- 4715: The audit policy (SACL) on an object was changed.
- 4719: System audit policy was changed.
- 4902: The Per-user audit policy table was created.
- 4904: An attempt was made to register a se ...
Ensure No Auditing for 'Audit Policy: Policy Change: Other Policy Change Events'
This subcategory reports other types of security policy changes such as configuration of the Trusted Platform Module (TPM) or cryptographic providers. Events for this subcategory include:
- 4909: The local policy settings for the TBS were changed.
- 4910: The group policy settings for the TBS were changed. ...
Ensure No Auditing for 'Audit Policy: DS Access: Directory Service Changes'
This subcategory reports changes to objects in Active Directory Domain Services (AD DS). The types of changes that are reported are create, modify, move, and undelete operations that are performed on an object. DS Change auditing, where appropriate, indicates the old and new values of the changed properties of the objects ...
Ensure No Auditing for 'Audit Policy: Object Access: Handle Manipulation'
This subcategory reports when a handle to an object is opened or closed. Only objects with SACLs cause these events to be generated, and only if the attempted handle operation matches the SACL. Handle Manipulation events are only generated for object types where the corresponding Object Access subcategory is enabled, for ex ...
This subcategory reports on the activities of the Internet Protocol security (IPsec) driver. Events for this subcategory include:
- 4960: IPsec dropped an inbound packet that failed an integrity check. If this problem persists, it could indicate a network issue or that packets are being modified in transit to this computer. Verify that the packets sent from the remote computer are the same as ...
This subcategory reports the results of validation tests on credentials submitted for a user account logon request. These events occur on the computer that is authoritative for the credentials. For domain accounts, the domain controller is authoritative, whereas for local accounts, the local computer is authoritative. In domain environments, most of the Account Logon events occur in the Security l ...
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   1486
© 2013 SecPod Technologies