[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 197798 Download | Alert*

Auditing of Privilege Use: Sensitive Privilege Use events on failure should be enabled or disabled as appropriate. This policy setting determines whether the operating system generates audit events when sensitive privileges (user rights) are used. Actions that can be audited include: A privileged service is called. * One of the following privileges is called: * Act as part of the operating system ...

Auditing of Account Logon: Other Account Logon Events events on success should be enabled or disabled as appropriate. This subcategory reports the events that occur in response to credentials submitted for a user account logon request that do not relate to credential validation or Kerberos tickets. These events occur on the computer that is authoritative for the credentials. For domain accounts, ...

Auditing of Object Access: SAM events on success should be enabled or disabled as appropriate. This subcategory reports when SAM objects are accessed. Refer to the Microsoft Knowledgebase article Description of security events in Windows Vista and in Windows Server 2008 for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226. Fix: (1) GPO: Command ...

Auditing of Detailed Tracking: Process Creation events on success should be enabled or disabled as appropriate. This subcategory reports the creation of a process and the name of the program or user that created it. Events for this subcategory include: - 4688: A new process has been created. - 4696: A primary token was assigned to process. Refer to the Microsoft Knowledgebase article Description ...

Auditing of Account Management: Computer Account Management events on failure should be enabled or disabled as appropriate. This security policy setting determines whether the operating system generates audit events when a computer account is created, changed, or deleted. This policy setting is useful for tracking account-related changes to computers that are members of a domain. Fix: (1) GPO: ...

Auditing of Policy Change: Filtering Platform Policy Change events on success should be enabled or disabled as appropriate. This subcategory reports the addition and removal of objects from WFP, including startup filters. These events can be very high in volume. Events for this subcategory include: - 4709: IPsec Services was started. - 4710: IPsec Services was disabled. - 4711: May contain any ...

Auditing of Policy Change: MPSSVC Rule-Level Policy Change events on success should be enabled or disabled as appropriate. This subcategory reports changes in policy rules used by the Microsoft Protection Service (MPSSVC.exe). This service is used by Windows Firewall and by Microsoft OneCare. Events for this subcategory include: - 4944: The following policy was active when the Windows Firewall st ...

Auditing of Audit account logon events on success should be enabled or disabled as appropriate. This security setting determines whether to audit each instance of a user logging on to or logging off from another computer in which this computer is used to validate the account. Account logon events are generated when a domain user account is authenticated on a domain controller. The event is logged ...

Auditing of Object Access: File Share events on failure should be enabled or disabled as appropriate. This policy setting determines whether the operating system generates audit events when a file share is accessed. Audit events are not generated when shares are created, deleted, or when share permissions change. Combined with File System auditing, File Share auditing enables you to track what co ...

Auditing of Privilege Use: Other Privilege Use Events events on success should be enabled or disabled as appropriate. This subcategory reports when a user account or service uses a sensitive privilege. A sensitive privilege includes the following user rights: Act as part of the operating system, Back up files and directories, Create a token object, Debug programs, Enable computer and user accoun ...


Pages:      Start    19317    19318    19319    19320    19321    19322    19323    19324    19325    19326    19327    19328    19329    19330    ..   19779

© SecPod Technologies