Detections
Analytics

MSCM V3.0 Windows Server 2012 DC

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: MSCM V3.0 Windows Server 2012 DC

Updated: 4/2/2021

Authority: MSCM

Plugin: Windows

Revision: 1.6

Estimated Item Count: 326

Audit Items

DescriptionCategories
CCE-22742-1: Network access: Sharing and security model for local accounts
CCE-22773-6: Windows Firewall: Public: Apply local connection security rules
CCE-22826-2: Audit Policy: Object Access: Removable Storage
CCE-22865-0: Performance Logs & Alerts
CCE-22878-3: Network Store Interface Service
CCE-22918-7: Server
CCE-22929-4: Device Install Service
CCE-22975-7: Application Management
CCE-23010-2: Network Connections
CCE-23043-3: Interactive logon: Machine inactivity limit
CCE-23082-1: Network access: Do not allow anonymous enumeration of SAM accounts
CCE-23117-5: Deny log on as a service
CCE-23122-5: Diagnostic Policy Service
CCE-23129-0: Audit Policy: Object Access: Certification Services
CCE-23174-6: TCP/IP NetBIOS Helper
CCE-23271-0: Add workstations to domain
CCE-23294-2: Kerberos Key Distribution Center
CCE-23295-9: User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop
CCE-23352-8: Network Connectivity Assistant
CCE-23353-6: Windows Update
CCE-23359-3: Cryptographic Services
CCE-23386-6: Log on as a batch job
CCE-23402-1: Themes
CCE-23408-8: DFS Replication
CCE-23418-7: Wired AutoConfig
CCE-23456-7: Manage auditing and security log
CCE-23462-5: MSS: (SafeDllSearchMode) Enable Safe DLL search mode (recommended)
CCE-23473-2: Computer Browser
CCE-23475-7: Hyper-V Time Synchronization Service
CCE-23482-3: Audit Policy: Account Management: Computer Account Management
CCE-23484-9: Problem Reports and Solutions Control Panel Support
CCE-23486-4: Windows Firewall: Private: Inbound connections
CCE-23500-2: Shut down the system
CCE-23502-8: Audit Policy: Detailed Tracking: RPC Events
CCE-23587-9: Domain controller: LDAP server signing requirements
CCE-23596-0: Domain member: Maximum machine account password age
CCE-23603-4: Remote Registry
CCE-23610-9: Remote Procedure Call (RPC) Locator
CCE-23614-1: Audit Policy: Logon-Logoff: IPsec Quick Mode
CCE-23615-8: Windows Firewall: Private: Firewall state
CCE-23619-0: Audit Policy: DS Access: Detailed Directory Service Replication
CCE-23630-7: Audit Policy: Object Access: Registry
CCE-23646-3: Control Event Log behavior when the log file reaches its maximum size
CCE-23648-9: Debug programs
CCE-23653-9: User Account Control: Run all administrators in Admin Approval Mode
CCE-23655-4: Audit Policy: Object Access: Kernel Object
CCE-23656-2: User Account Control: Switch to the secure desktop when prompting for elevation
CCE-23666-1: Smart Card
CCE-23670-3: Audit Policy: Logon-Logoff: Logon
CCE-23676-0: Device Association Service