Ensure No Auditing for 'Account Management: Audit Application Group Management'ID: oval:org.secpod.oval:def:14770 | Date: (C)2013-08-13 (M)2022-10-10 |
Class: COMPLIANCE | Family: windows |
This policy setting allows you to audit events generated by changes to application groups such as the following:
Application group is created, changed, or deleted.
Member is added or removed from an application group.
If you configure this policy setting, an audit event is generated when an attempt to change an application group is made. Success audits record successful attempts and Failure audits record unsuccessful attempts.
If you do not configure this policy setting, no audit event is generated when an application group changes.
Volume: Low.
Default: No Auditing.
Fix:
(1) GPO: Computer Configuration\Windows Settings\Security Settings\Advanced Audit Policy Configuration\System Audit Policies\Account Management\Audit Application Group Management
(2) REG: INFO NOT AVAILABLE
Platform: |
Microsoft Windows 7 |