Auditing of Object Access: Handle Manipulation events on failure should be enabled or disabled as appropriate. Audit Handle Manipulation, which determines whether the operating system generates audit events when a handle to an object is opened or closed.Only objects with configured system access control lists (SACLs) generate these events, and only if the attempted handle operation matches the SACL. Fix: (1) GPO: Commandline: auditpol.exe (2) REG: NO INFO