Detections
Analytics

MSCM V3.0 Windows Member Server 2012

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: MSCM V3.0 Windows Member Server 2012

Updated: 4/2/2021

Authority: MSCM

Plugin: Windows

Revision: 1.5

Estimated Item Count: 146

Audit Items

DescriptionCategories
CCE-22742-1: Network access: Sharing and security model for local accounts
CCE-22773-6: Windows Firewall: Public: Apply local connection security rules
CCE-23043-3: Interactive logon: Machine inactivity limit
CCE-23082-1: Network access: Do not allow anonymous enumeration of SAM accounts
CCE-23295-9: User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop
CCE-23456-7: Manage auditing and security log
CCE-23462-5: MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)
CCE-23482-3: Audit Policy: Account Management: Computer Account Management
CCE-23486-4: Windows Firewall: Private: Inbound connections
CCE-23500-2: Shut down the system
CCE-23596-0: Domain member: Maximum machine account password age
CCE-23615-8: Windows Firewall: Private: Firewall state
CCE-23646-3: Control Event Log behavior when the log file reaches its maximum size
CCE-23648-9: Debug programs
CCE-23653-9: User Account Control: Run all administrators in Admin Approval Mode
CCE-23656-2: User Account Control: Switch to the secure desktop when prompting for elevation
CCE-23670-3: Audit Policy: Logon-Logoff: Logon
CCE-23704-0: Interactive logon: Prompt user to change password before expiration
CCE-23716-4: Microsoft Network Server: Digitally Sign Communications (Always)
CCE-23723-0: Create permanent shared objects
CCE-23782-6: Control Event Log behavior when the log file reaches its maximum size
CCE-23802-2: Profile system performance
CCE-23807-1: Network access: Let Everyone permissions apply to anonymous users
CCE-23829-5: Lock pages in memory
CCE-23844-4: Profile single process
CCE-23850-1: Create global objects
CCE-23877-4: User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
CCE-23878-2: Turn off Autoplay
CCE-23880-8: UserAccount Control: Only elevate executables that are signed and validated
CCE-23892-3: Windows Firewall: Public: Outbound connections
CCE-23894-9: Windows Firewall: Public: Firewall state
CCE-23897-2: Microsoft network server: Amount of idle time required before disconnecting session
CCE-23899-8: Network access: Remotely accessible registry paths
CCE-23900-4: Windows Firewall: Public: Display a notification
CCE-23919-4: Always install with elevated privileges
CCE-23921-0: System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
CCE-23939-2: Create a token object
CCE-23955-8: Audit Policy: Account Management Security Group Management
CCE-23972-3: Create a page file
CCE-23988-9: Audit: Shut down system immediately if unable to log security audits
CCE-24048-1: Generate security audits
CCE-24134-9: User Account Control: Admin Approval Mode for the Built-in Administrator account
CCE-24148-9: Microsoft network server: Disconnect clients when logon hours expire
CCE-24150-5: Network security: Do not store LAN Manager hash value on next password change
CCE-24154-7: Interactive logon: Smart card removal behavior
CCE-24162-0: Increase a process working set
CCE-24185-1: Change the system time
CCE-24187-7: Audit Policy: Logon-Logoff: Special Logon
CCE-24188-5: Deny access to this computer from the network
CCE-24231-3: User Account Control: Virtualize file and registry write failures to per-user locations