RE: PROPOSAL: Cluster 19 - NTCONFIG (13 candidates)
From: Adam Shostack [mailto:email@example.com]
Sent: Tuesday, July 27, 1999 2:19 PM
To: Craig Ozancin; firstname.lastname@example.org
Subject: Re: PROPOSAL: Cluster 19 - NTCONFIG (13 candidates)
| Candidate: CAN-1999-0575
| Announced: 19990721
| Assigned: 19990607
| Category: CF
| A Windows NT system's user audit policy does not log an event success
| or failure, e.g. for Logon and Logoff, File and Object Access, Use of
| User Rights, User and Group Management, Security Policy Changes,
| Restart, Shutdown, and System, and Process Tracking.
| VOTE: Recast
| It is far less interesting what a user does successfully that what they
| attempt and fail at.
I don't agree. Its very interesting, for example, if someone from
bindview.com logs into Axent.com. In fact, it may be more interesting
than someone failing.
I agree with what you say :) I meant for this to be for CAN-1999-0577.