Auditing of System: System Integrity events on failure should be enabled or disabled as appropriate. Audit System Integrity, which determines whether the operating system audits events that violate the integrity of the security subsystem. Activities that violate the integrity of the security subsystem include the following: * Audited events are lost due to a failure of the auditing system. * A process uses an invalid local procedure call (LPC) port in an attempt to impersonate a client, reply to a client address space, read to a client address space, or write from a client address space. * A remote procedure call (RPC) integrity violation is detected. * A code integrity violation with an invalid hash value of an executable file is detected. * Cryptographic tasks are performed. Fix: (1) GPO: Commandline: auditpol.exe (2) REG: NO INFO