17.9.3 (L1) Ensure 'Audit Security State Change' is set to include 'Success' (Automated)
System_AuditSecurityStateChange
This policy setting allows you to audit events generated by changes in the security state of the computer such as the following events: Startup and shutdown of the computer. Change of system time. Recovering the system from CrashOnAuditFail, which is logged after a system restarts when the security event log is full and the CrashOnAuditFail registry entry is configured.
Previous17.9.2 (L1) Ensure 'Audit Other System Events' is set to 'Success and Failure' (Automated)Next17.9.4 (L1) Ensure 'Audit Security System Extension' is set to include 'Success' (Automated)
Last updated