PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Auditing: generate security audits user right must only be assigned to Local Service and Network Service

7cd18828-f7cd-4bdc-b3fa-5aed1b4b90cf

Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities.

The "Generate security audits" user right specifies users and processes that can generate Security Log audit records, which must only be the system service accounts defined.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ User Rights Assignment
|_ Generate security audits to include only the following accounts or groups:
- Local Service
- Network Service
STIG: Server
2025: https://system32.eventsentry.com/stig/viewer/V-278252
2022: https://system32.eventsentry.com/stig/viewer/V-254502
2019: https://system32.eventsentry.com/stig/viewer/V-205759
2016: https://system32.eventsentry.com/stig/viewer/V-225081

NIST 800-53 : AU-9, AC-6, CM-6
NIST 800-171: 3.3.8, 3.1.1, 3.4.6
CMMC v2.0 L2: AU.L2-3.3.8, AC.L2-3.1.1, CM.L2-3.4.6
PCI-DSS v4.0: 2.2.1, 7.2.1, 10.3.4
HIPAA SR : §164.312(b), §164.312(c)(1)
HIPAA HICP : Practice 3 (Identity and Access Management), Practice 8 (Incident Response)



Tags

stig-medium-serverstig-medium-desktopnist800-171-servernist800-171-desktopnist800-53-desktopnist800-53-serverpci-dss-v4-desktoppci-dss-v4-serverhipaa-desktophipaa-servercmmc2-l2-desktopcmmc2-l2-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.