V-254324
CAT IIWindows Server 2022 must be configured to audit Privilege Use - Sensitive Privilege Use failures.
- Ships Affected
- 1
- Total Findings
- 1
- Open
- 0
- Closed
- 1
Check Text
Security Option "Audit: Force audit policy subcategory settings (Windows Vista or later) to override audit policy category settings" must be set to "Enabled" (WN22-SO-000050) for the detailed auditing subcategories to be effective.
Use the "AuditPol" tool to review the current Audit Policy configuration:
Open "PowerShell" or a "Command Prompt" with elevated privileges ("Run as administrator").
Enter "AuditPol /get /category:*"
Compare the "AuditPol" settings with the following:
If the system does not audit the following, this is a finding.
Privilege Use >> Sensitive Privilege Use - Failure
Fix Text
Configure the policy value for Computer Configuration >> Windows Settings >> Security Settings >> Advanced Audit Policy Configuration >> System Audit Policies >> Privilege Use >> Audit Sensitive Privilege Use with "Failure" selected.
STIG Reference
- STIG
- Microsoft Windows Server 2022 Security Technical Implementation Guide
- Version
- 2
- Release
- 8
- Rule ID
- SV-254324r958732_rule
All Occurrences
This vulnerability appears on 1 ship(s)
| Ship | Hull # | Source File | Status | Assigned To | Scan Date | Actions |
|---|---|---|---|---|---|---|
| LAB BASELINES | BASELINE | SCHR-P3-DP-001_WinServer2022_V2R7_20260305-133436.cklb | Unassigned | 2026-03-05T13:34:36 | View in Context |