1.3.17 Audit Policy: Account Management: User Account Management

Information

This control defines whether the audit is activated when a user account management event, such as a create, change, rename, delete, disable or enable event occurs.

Solution

Make sure 'Audit Policy: Account Management: User Account Management' is configured to Success (minumum).

See Also

https://workbench.cisecurity.org/files/10

Item Details

Category: AUDIT AND ACCOUNTABILITY

References: 800-53|AU-12, CCE|CCE-2394-5, CCE|CCE-2411-7

Plugin: Windows

Control ID: e8d105f771662fafb2d8c2265e7b46954ce97c22d2af58ab7762524dbfda28a2