2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' (Automated

2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' (Automated)

This user right determines which accounts can be used by a process to add entries to the security log. The security log is used to trace unauthorized system access. Misuse of this user right can result in the generation of many auditing events, potentially hiding evidence of an attack or causing a denial of service. Shut down system immediately if unable to log security audits security policy setting is enabled.

UserRights Policy CSP - Windows Client ManagementMicrosoftLearn

Format: chr (string) Value: LOCAL SERVICE, NETWORK SERVICE

Previous2.2.22 (L1) Ensure 'Force shutdown from a remote system' is set to 'Administrators' (Automated)Next2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SER

Last updated 2 years ago