Audit Policy: Object Access: Handle ManipulationID: oval:org.secpod.oval:def:18977 | Date: (C)2014-05-29 (M)2021-06-02 |
Class: COMPLIANCE | Family: windows |
Auditing of Object Access: Handle Manipulation events on failure should be enabled or disabled as appropriate.
Audit Handle Manipulation, which determines whether the operating system generates audit events when a handle to an object is opened or closed.Only objects with configured system access control lists (SACLs) generate these events, and only if the attempted handle operation matches the SACL.
Fix:
(1) GPO: Commandline: auditpol.exe
(2) REG: NO INFO
Platform: |
Microsoft Windows Server 2008 R2 |