| V-26553 | Medium | The system will be configured to audit "System -> Security State Change" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-1080 | Medium | The file system must be audited for failed access attempts. | Improper modification of system files can have a significant impact on the security configuration of a system as well as potentially rendering a system inoperable. Failed access attempts may... |
| V-26582 | Medium | The System event log will be configured to a minimum size requirement. | Inadequate log size will cause the log to fill up quickly and require frequent clearing by administrative personnel. |
| V-26581 | Medium | The Setup event log will be configured to a minimum size requirement. | Inadequate log size will cause the log to fill up quickly and require frequent clearing by administrative personnel. |
| V-26580 | Medium | The Security event log will be configured to a minimum size requirement. | Inadequate log size will cause the log to fill up quickly and require frequent clearing by administrative personnel. |
| V-26529 | Medium | The system will be configured to audit "Account Logon -> Credential Validation" successes. | Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26538 | Medium | The system will be configured to audit "Account Management -> User Account Management" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26539 | Medium | The system will be configured to audit "Detailed Tracking -> Process Creation" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26533 | Medium | The system will be configured to audit "Account Management -> Other Account Management Events" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26530 | Medium | The system will be configured to audit "Account Logon -> Credential Validation" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26531 | Medium | The system will be configured to audit "Account Management -> Computer Account Management" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26536 | Medium | The system will be configured to audit "Account Management -> Security Group Management" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26537 | Medium | The system will be configured to audit "Account Management -> User Account Management" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26534 | Medium | The system will be configured to audit "Account Management -> Other Account Management Events" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26535 | Medium | The system will be configured to audit "Account Management -> Security Group Management" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26532 | Medium | The system will be configured to audit "Account Management -> Computer Account Management" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-14230 | Medium | Audit policy using subcategories will be enabled. | This policy setting allows administrators to enable the more precise auditing capabilities present in Windows Vista and 2008 forward. |
| V-26549 | Medium | The system will be configured to audit "Privilege Use -> Sensitive Privilege Use" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26548 | Medium | The system will be configured to audit "Policy Change -> Authentication Policy Change" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26547 | Medium | The system will be configured to audit "Policy Change -> Audit Policy Change" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26546 | Medium | The system will be configured to audit "Policy Change -> Audit Policy Change" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26545 | Medium | The system will be configured to audit "Object Access -> Registry" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26544 | Medium | The system will be configured to audit "Object Access -> File System" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26543 | Medium | The system will be configured to audit "Logon/Logoff -> Special Logon" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26542 | Medium | The system will be configured to audit "Logon/Logoff -> Logon" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26541 | Medium | The system will be configured to audit "Logon/Logoff -> Logon" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26540 | Medium | The system will be configured to audit "Logon/Logoff -> Logoff" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-14228 | Medium | Audit Access to Global System Objects will be turned off. | This policy setting stops the system from setting up a default system access control list for certain system objects which could create a very large number of security events filling the Security... |
| V-14229 | Medium | Audit of Backup and Restore Privileges will be turned off. | This policy setting stops the system from generating audit events for every file backed up or restored which could fill the Security log in Windows. |
| V-26554 | Medium | The system will be configured to audit "System -> Security State Change" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26556 | Medium | The system will be configured to audit "System -> Security System Extension" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26557 | Medium | The system will be configured to audit "System -> System Integrity" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26550 | Medium | The system will be configured to audit "Privilege Use -> Sensitive Privilege Use" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26551 | Medium | The system will be configured to audit "System -> IPSec Driver" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26552 | Medium | The system will be configured to audit "System -> IPSec Driver" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26579 | Medium | The Application event log will be configured to a minimum size requirement. | Inadequate log size will cause the log to fill up quickly and require frequent clearing by administrative personnel. |
| V-26558 | Medium | The system will be configured to audit "System -> System Integrity" failures.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-26489 | Medium | Unauthorized accounts will not have the "Generate security audits" user right. | Inappropriate granting of user rights can provide system, administrative, and other high level capabilities.
The "Generate security audits" right specifies users and processes that can generate... |
| V-15715 | Medium | Windows Error Reporting to Microsoft will be disabled. | This check verifies that Error Reporting is disabled. |
| V-26555 | Medium | The system will be configured to audit "System -> Security System Extension" successes.
| Maintaining an audit trail of system activity logs can help identify configuration errors, troubleshoot service disruptions, and analyze compromises that have occurred as well as detecting... |
| V-4108 | Low | The system will generate an audit event when the audit log reaches a percent full threshold. | When the audit log reaches a given percent full, an audit event is written to the security log. The event ID is 523 and is recorded as a success audit under the category of System. This option may... |
| V-15707 | Low | Remote Assistance log files will be generated. | This check verifies that Remote Assistance log files will be generated. |
| V-15717 | Low | Additional data requests in response to Error Reporting will be declined. | This check verifies that additional data requests in response to Error Reporting will be declined. |
| V-14232 | Low | IPSec Exemptions will be limited. | This check verifies that Windows is configured to limit IPSec exemptions. |
| V-15714 | Low | Error Reporting events will be logged in the system event log. | This check verifies that Error Reporting events will be logged in the system event log. |
