Test ID:	1.3.6.1.4.1.25623.1.0.109589
Category:	Policy
Title:	Microsoft Windows: Audit Special Logon
Summary:	Audit Special Logon determines whether the operating system;generates audit events under special sign on (or log on) circumstances.;;This subcategory allows you to audit events generated by special logons such as the following:;; - The use of a special logon, which is a logon that has administrator-equivalent privileges and can;be used to elevate a process to a higher level.;; - A logon by a member of a Special Group. Special Groups enable you to audit events generated when a;member of a certain group has logged on to your network. You can configure a list of group security;identifiers (SIDs) in the registry. If any of those SIDs are added to a token during logon and the;subcategory is enabled, an event is logged.;;;(C) Microsoft Corporation 2017.
Description:	Summary: Audit Special Logon determines whether the operating system generates audit events under special sign on (or log on) circumstances. This subcategory allows you to audit events generated by special logons such as the following: - The use of a special logon, which is a logon that has administrator-equivalent privileges and can be used to elevate a process to a higher level. - A logon by a member of a Special Group. Special Groups enable you to audit events generated when a member of a certain group has logged on to your network. You can configure a list of group security identifiers (SIDs) in the registry. If any of those SIDs are added to a token during logon and the subcategory is enabled, an event is logged. (C) Microsoft Corporation 2017. CVSS Score: 0.0 CVSS Vector: AV:L/AC:H/Au:S/C:N/I:N/A:N
Copyright	Copyright (C) 2018 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.