2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SER

2.2.24 (L1) Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE' (Automated)

Assigning this user right to a user allows programs running on behalf of that user to impersonate a client. Requiring this user right for this kind of impersonation prevents an unauthorized user from convincing a client to connect (for example, by remote procedure call (RPC) or named pipes) to a service that they've created and then impersonating that client, which can elevate the unauthorized user's permissions to administrative or system levels.

UserRights Policy CSP - Windows Client ManagementMicrosoftLearn

Format: chr (string) Value: Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE

Previous2.2.23 (L1) Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE' (Automated Next2.2.25 (L1) Ensure 'Increase scheduling priority' is set to 'Administrators, Window Manager\Window

Last updated 2 years ago