You can run compliance scans to test detailed security auditing settings for Windows Vista, 7 and 2008. These tests are performed during compliance scans when the Dissolvable Agent is enabled for the scan.
|
Get Started |
|
Step 1: Accept the Dissolvable AgentStep 1: Accept the Dissolvable Agent The Dissolvable Agent must be accepted for your subscription. Go to Scans > Setup > Dissolvable Agent and check to be sure the Agent is accepted. If not, a Manager must accept go there and accept the Agent. Learn more |
|
Step 2: Enable the Agent in your scan settingsStep 2: Enable the Agent in your scan settings Go to PC > Scans > Option Profiles. Select "Enable the Dissolvable Agent". |
|
Step 3: Launch a compliance scanStep 3: Launch a compliance scan Go to PC > Scans and select New > Scan (or Schedule Scan). Enter your scan settings and click Launch. Be sure to select the option profile you just configured. |
|
What are the security audit tests? |
|
- Audit Credential Validation - Audit Kerberos Authentication Service - Audit Kerberos Service Ticket Operations - Audit Other Account Logon Events |
|
Account ManagementAccount Management - Audit Application Group Management - Audit Computer Management - Audit Distribution Group Management - Audit Other Account Management Events - Audit Security Group Management - Audit User Account Management |
|
Detailed TrackingDetailed Tracking - Audit DPAPI Activity - Audit Process Creation - Audit Process Termination - Audit RPC Events |
|
- Audit Detailed Directory Service Replication - Audit Directory Service Access - Audit Directory Service Changes - Audit Directory Service Replication |
|
- Audit Account Lockout - Audit IPSec Extended Mode - Audit IPSec Main Mode - Audit IPSec Quick Mode - Audit Logoff - Audit Logon - Audit Network Policy Server - Audit Other Logon/Logoff Events - Audit Special Logon |
|
- Audit Application Generated - Audit Certification Services - Audit Detailed File Share - Audit File Share - Audit File System - Audit Filtering Platform Connection - Audit Filtering Platform Packet Drop - Audit Handle Manipulation - Audit Kernel Object - Audit Other Object Access Events - Audit Registry - Audit SAM |
|
- Audit Audit Policy Change - Audit Authentication Policy Change - Audit Authorization Policy Change - Audit Filtering Platform Policy Change - Audit MPSSVC Rule-Level Policy Change - Audit Other Policy Change Events |
|
- Audit Non-Sensitive Privilege Use - Audit Sensitive Privilege Use - Audit Other Privilege Use Events |
|
- Audit IPsec Driver - Audit Other System Events - Audit Security State Change - Audit Security System Extension - Audit System Integrity |