1.1.4.41 Set 'Create a token object' to 'No One'

Information

This policy setting allows a process to create an access token, which may provide elevated rights to
access sensitive data.

Solution

Make sure no one has the user right 'Create a token object'

See Also

https://workbench.cisecurity.org/files/17

Item Details

Category: ACCESS CONTROL

References: 800-53|AC-6(7)(b), CSCv6|5.1

Plugin: Windows

Control ID: 7bf947ab249026fce89e8fe64ebdf6bf48a26c5d15fc31802fe011f55f24417e