Audit Policy: Object Access: Other Object Access EventsID: oval:org.secpod.oval:def:18989 | Date: (C)2014-05-29 (M)2021-06-02 |
Class: COMPLIANCE | Family: windows |
Auditing of Object Access: Other Object Access Events events on failure should be enabled or disabled as appropriate.
Audit Other Object Access Events, which determines whether the operating system generates audit events for the management of Task Scheduler jobs or COM+ objects. For scheduler jobs, the following actions are audited: * Job created. * Job deleted. * Job enabled. * Job disabled. * Job updated. * For COM+ objects, the following actions are audited: * Catalog object added. * Catalog object updated. * Catalog object deleted.
Fix:
(1) GPO: Commandline: auditpol.exe
(2) REG: NO INFO
Platform: |
Microsoft Windows Server 2008 R2 |