b359a875-cbc9-43a2-83a3-0b06a0af5792
Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities.
Accounts with the "Profile single process" user right can monitor nonsystem processes performance. An attacker could use this to identify processes to attack.
To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ User Rights Assignment
|_ Profile single process to include only the following accounts or groups:
- Administrators
STIG: Server
2025: https://system32.eventsentry.com/stig/viewer/V-278260
2022: https://system32.eventsentry.com/stig/viewer/V-254510
2019: https://system32.eventsentry.com/stig/viewer/V-205766
2016: https://system32.eventsentry.com/stig/viewer/V-225089
Desktop
W11: https://system32.eventsentry.com/stig/viewer/V-253504
W10: https://system32.eventsentry.com/stig/viewer/V-220981
NIST 800-53 : AC-3, AC-6, CM-6
NIST 800-171: 3.1.1, 3.1.2, 3.4.6
CMMC v2.0 L2: AC.L2-3.1.1, AC.L2-3.1.2, CM.L2-3.4.6
PCI-DSS v4.0: 2.2.1, 7.2.1
HIPAA SR : ยง164.312(a)(1)
HIPAA HICP : Practice 3 (Identity and Access Management)
Manage your cookie preferences below:
To learn more about our use of cookies, please see our
Privacy Policy.