[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Audit Policy: System: Security System Extension (Failure)

ID: oval:org.secpod.oval:def:19107Date: (C)2014-05-29   (M)2021-06-02
Class: COMPLIANCEFamily: windows




Auditing of System: Security System Extension events on failure should be enabled or disabled as appropriate. Audit Security System Extension, which determines whether the operating system generates audit events related to security system extensions. Changes to security system extensions in the operating system include the following activities: * A security extension code is loaded (such as an authentication, notification, or security package). A security extension code registers with the Local Security Authority and will be used and trusted to authenticate logon attempts, submit logon requests, and be notified of any account or password changes. Examples of this extension code are Security Support Providers, such as Kerberos and NTLM. * A service is installed. An audit log is generated when a service is registered with the Service Control Manager. The audit log contains information about the service name, binary, type, start type, and service account. Fix: (1) GPO: Commandline: auditpol.exe (2) REG: NO INFO

Platform:
Microsoft Windows Server 2008 R2
Reference:
CCE-11169-0
CPE    1
cpe:/o:microsoft:windows_server_2008:r2
CCE    1
CCE-11169-0

© SecPod Technologies