audipol disable
This commit is contained in:
106
setup.py
106
setup.py
@@ -265,60 +265,60 @@ def install():
|
||||
# #CIS - Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'.
|
||||
# run("netsh advfirewall set public settings localconsecrules enforce=no")
|
||||
#CIS - Ensure 'Audit Credential Validation' is set to 'Success and Failure'.
|
||||
run('auditpol /set /subcategory:"Credential Validation" /success:enable /failure:enable')
|
||||
# Ensure 'Audit Application Group Management' is set to 'Success and Failure'.
|
||||
run('auditpol /set /subcategory:"Application Group Management" /success:enable /failure:enable')
|
||||
# Ensure 'Audit Security Group Management' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Security Group Management" /success:enable')
|
||||
# Ensure 'Audit User Account Management' is set to 'Success and Failure'.
|
||||
run('auditpol /set /subcategory:"User Account Management" /success:enable')
|
||||
# Ensure 'Plug and Play Events' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Plug and Play Events" /success:enable')
|
||||
# Ensure 'Process Creation' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Process Creation" /success:enable')
|
||||
# Ensure 'Account Lockout' is set to 'Success and Failure'.
|
||||
run('auditpol /set /subcategory:"Account Lockout" /failure:enable')
|
||||
# Ensure 'Group Membership' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Group Membership" /success:enable')
|
||||
# Ensure 'Logon' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Logon" /success:enable /failure:enable')
|
||||
# Ensure 'Logoff' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Logoff" /success:enable')
|
||||
# Ensure 'Other Logon/Logoff Events' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Other Logon/Logoff Events" /success:enable /failure:enable')
|
||||
# Ensure 'Special Logon' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Special Logon" /success:enable')
|
||||
# Ensure 'Detailed File Share' is set to 'Success and Failure'.
|
||||
run('auditpol /set /subcategory:"Detailed File Share" /failure:enable')
|
||||
# Ensure 'File Share' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"File Share" /success:enable /failure:enable')
|
||||
# Ensure 'Other Object Access Events' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Other Object Access Events" /success:enable /failure:enable')
|
||||
# Ensure 'Removable Storage' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Removable Storage" /success:enable /failure:enable')
|
||||
# Ensure 'Audit Policy Change' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Audit Policy Change" /success:enable')
|
||||
# Ensure 'Authentication Policy Change' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Authentication Policy Change" /success:enable')
|
||||
# Ensure 'Authorization Policy Change' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Authorization Policy Change" /success:enable')
|
||||
# Ensure 'MPSSVC Rule-Level Policy Change' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"MPSSVC Rule-Level Policy Change" /success:enable /failure:enable')
|
||||
# Ensure 'Other Policy Change Events' is set to 'Success and Failure'.
|
||||
run('auditpol /set /subcategory:"Other Policy Change Events" /failure:enable')
|
||||
# Ensure 'Sensitive Privilege Use' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Sensitive Privilege Use" /success:enable /failure:enable')
|
||||
# Ensure 'IPsec Driver' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"IPsec Driver" /success:enable /failure:enable')
|
||||
# run('auditpol /set /subcategory:"Credential Validation" /success:enable /failure:enable')
|
||||
# # Ensure 'Audit Application Group Management' is set to 'Success and Failure'.
|
||||
# run('auditpol /set /subcategory:"Application Group Management" /success:enable /failure:enable')
|
||||
# # Ensure 'Audit Security Group Management' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Security Group Management" /success:enable')
|
||||
# # Ensure 'Audit User Account Management' is set to 'Success and Failure'.
|
||||
# run('auditpol /set /subcategory:"User Account Management" /success:enable')
|
||||
# # Ensure 'Plug and Play Events' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Plug and Play Events" /success:enable')
|
||||
# # Ensure 'Process Creation' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Process Creation" /success:enable')
|
||||
# # Ensure 'Account Lockout' is set to 'Success and Failure'.
|
||||
# run('auditpol /set /subcategory:"Account Lockout" /failure:enable')
|
||||
# # Ensure 'Group Membership' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Group Membership" /success:enable')
|
||||
# # Ensure 'Logon' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Logon" /success:enable /failure:enable')
|
||||
# # Ensure 'Logoff' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Logoff" /success:enable')
|
||||
# # Ensure 'Other Logon/Logoff Events' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Other Logon/Logoff Events" /success:enable /failure:enable')
|
||||
# # Ensure 'Special Logon' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Special Logon" /success:enable')
|
||||
# # Ensure 'Detailed File Share' is set to 'Success and Failure'.
|
||||
# run('auditpol /set /subcategory:"Detailed File Share" /failure:enable')
|
||||
# # Ensure 'File Share' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"File Share" /success:enable /failure:enable')
|
||||
# # Ensure 'Other Object Access Events' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Other Object Access Events" /success:enable /failure:enable')
|
||||
# # Ensure 'Removable Storage' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Removable Storage" /success:enable /failure:enable')
|
||||
# # Ensure 'Audit Policy Change' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Audit Policy Change" /success:enable')
|
||||
# # Ensure 'Authentication Policy Change' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Authentication Policy Change" /success:enable')
|
||||
# # Ensure 'Authorization Policy Change' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Authorization Policy Change" /success:enable')
|
||||
# # Ensure 'MPSSVC Rule-Level Policy Change' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"MPSSVC Rule-Level Policy Change" /success:enable /failure:enable')
|
||||
# # Ensure 'Other Policy Change Events' is set to 'Success and Failure'.
|
||||
# run('auditpol /set /subcategory:"Other Policy Change Events" /failure:enable')
|
||||
# # Ensure 'Sensitive Privilege Use' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Sensitive Privilege Use" /success:enable /failure:enable')
|
||||
# # Ensure 'IPsec Driver' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"IPsec Driver" /success:enable /failure:enable')
|
||||
|
||||
# Ensure 'Other System Events' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Other System Events" /success:enable /failure:enable')
|
||||
# Ensure 'Security State Change' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Security State Change" /success:enable')
|
||||
# Ensure 'Security System Extension' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"Security System Extension" /success:enable')
|
||||
# Ensure 'System Integrity' is set to include 'Success'.
|
||||
run('auditpol /set /subcategory:"System Integrity" /success:enable /failure:enable')
|
||||
# # Ensure 'Other System Events' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Other System Events" /success:enable /failure:enable')
|
||||
# # Ensure 'Security State Change' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Security State Change" /success:enable')
|
||||
# # Ensure 'Security System Extension' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"Security System Extension" /success:enable')
|
||||
# # Ensure 'System Integrity' is set to include 'Success'.
|
||||
# run('auditpol /set /subcategory:"System Integrity" /success:enable /failure:enable')
|
||||
|
||||
#CIS - Ensure 'Prevent enabling lock screen camera' is set to 'Enabled'.
|
||||
registry_set(HKEY_LOCAL_MACHINE, r"SOFTWARE\Policies\Microsoft\Windows\Personalization", "NoLockScreenCamera","1")
|
||||
|
||||
Reference in New Issue
Block a user