CSCv7|4.8

Title

Log and Alert on Changes to Administrative Group Membership

Description

Configure systems to issue a log entry and alert when an account is added to or removed from any group assigned administrative privileges.

Reference Item Details

Category: Controlled Use of Administrative Privileges

Audit Items

View all Reference Audit Items

NamePluginAudit Name
1.10 Ensure That 'Notify all admins when other admins reset their password?' is set to 'Yes'microsoft_azureCIS Microsoft Azure Foundations v1.5.0 L1
2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1 Bitlocker
2.2.1 (L1) Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 8.1 v2.4.0 L1
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L1 + BL + NG
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L1
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2016 MS L1 v1.4.0
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Windows Server 2012 DC L1 v2.4.0
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2022 v1.0.0 L1 MS
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2008 R2 Member Server Level 1 v3.3.0
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 10 Stand-alone v1.12.0 L1 + NG
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + BL
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + NG
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + NG
2.2.1 Ensure 'Access Credential Manager as a trusted caller' is set to 'No One'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 10 Stand-alone v1.12.0 L1 + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + BL
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L1 + BL + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + BL
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L1
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L1
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1 + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 10 Stand-alone v1.0.1 L1 + BL
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1 + BL
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Intune for Windows 10 Release 2004 v1.0.1 L1 + BL + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 11 Enterprise v1.0.0 L1
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 11 Stand-alone v1.0.0 L1 + BL + NG
17.5.2 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows 10 Enterprise v1.12.0 L1
17.5.3 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows Server 2016 STIG DC STIG v1.1.0
17.5.3 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows Server 2016 STIG DC L1 v1.1.0
17.5.3 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows Server 2016 STIG MS L1 v1.1.0
17.5.3 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows Server 2019 STIG MS STIG v1.0.1
17.5.3 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows Server 2019 STIG DC L1 v1.0.1
17.5.3 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows Server 2019 STIG MS L1 v1.0.1
17.5.3 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows Server 2019 STIG DC STIG v1.0.1
17.5.3 Ensure 'Audit Group Membership' is set to include 'Success'WindowsCIS Microsoft Windows Server 2016 STIG MS STIG v1.1.0