[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Audit Policy: Policy Change: Other Policy Change Events

ID: oval:org.secpod.oval:def:18860Date: (C)2014-05-29   (M)2021-06-02
Class: COMPLIANCEFamily: windows




Auditing of Policy Change: Other Policy Change Events events on success should be enabled or disabled as appropriate. This subcategory reports other types of security policy changes such as configuration of the Trusted Platform Module (TPM) or cryptographic providers. Events for this subcategory include: - 4909: The local policy settings for the TBS were changed. - 4910: The group policy settings for the TBS were changed. - 5063: A cryptographic provider operation was attempted. - 5064: A cryptographic context operation was attempted. - 5065: A cryptographic context modification was attempted. - 5066: A cryptographic function operation was attempted. - 5067: A cryptographic function modification was attempted. - 5068: A cryptographic function provider operation was attempted. - 5069: A cryptographic function property operation was attempted. - 5070: A cryptographic function property modification was attempted. - 5447: A Windows Filtering Platform filter has been changed. - 6144: Security policy in the group policy objects has been applied successfully. - 6145: One or more errors occurred while processing security policy in the group policy objects. Refer to the Microsoft Knowledgebase article Description of security events in Windows Vista and in Windows Server 2008 for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226. Fix: (1) GPO: Commandline: auditpol.exe (2) REG: NO INFO

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-10680-7
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-10680-7

© SecPod Technologies