AzPolicyAdvertizer

last sync: 2023-Jun-09 17:46:13 UTC

Azure Policy definition

Windows machines should meet requirements for 'System Audit Policies - Policy Change'

Name

Windows machines should meet requirements for 'System Audit Policies - Policy Change'
Azure Portal

2a7a701e-dff3-4da9-9ec5-42cb98594c0b

Version

3.0.0
details on versioning

Category

Guest Configuration
Microsoft docs

Description

Windows machines should have the specified Group Policy settings in the category 'System Audit Policies - Policy Change' for auditing changes to system audit policies. This policy requires that the Guest Configuration prerequisites have been deployed to the policy assignment scope. For details, visit https://aka.ms/gcpol.

Mode

Indexed

Type

BuiltIn

Preview

FALSE

Deprecated

FALSE

Effect

Default
AuditIfNotExists
Allowed
AuditIfNotExists, Disabled

RBAC
Role(s)

none

Rule
Aliases

IF (7)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.Compute/imageOffer	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.offer properties.virtualMachineProfile.storageProfile.imageReference.offer properties.creationData.imageReference.id	false false false
Microsoft.Compute/imagePublisher	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.publisher properties.virtualMachineProfile.storageProfile.imageReference.publisher properties.creationData.imageReference.id	false false false
Microsoft.Compute/imageSKU	Microsoft.Compute Microsoft.Compute Microsoft.Compute	virtualMachines virtualMachineScaleSets disks	properties.storageProfile.imageReference.sku properties.virtualMachineProfile.storageProfile.imageReference.sku properties.creationData.imageReference.id	false false false
Microsoft.Compute/virtualMachines/osProfile.windowsConfiguration	Microsoft.Compute	virtualMachines	properties.osProfile.windowsConfiguration	true
Microsoft.Compute/virtualMachines/storageProfile.osDisk.osType	Microsoft.Compute	virtualMachines	properties.storageProfile.osDisk.osType	true
Microsoft.ConnectedVMwarevSphere/virtualMachines/osProfile.osType	Microsoft.ConnectedVMwarevSphere	VirtualMachines	properties.osProfile.osType	false
Microsoft.HybridCompute/imageOffer	Microsoft.HybridCompute	machines	properties.osName	false

THEN-ExistenceCondition (2)

Alias	Namespace	ResourceType	DefaultPath	Modifiable
Microsoft.GuestConfiguration/guestConfigurationAssignments/complianceStatus	Microsoft.GuestConfiguration	guestConfigurationAssignments	properties.complianceStatus	false
Microsoft.GuestConfiguration/guestConfigurationAssignments/parameterHash	Microsoft.GuestConfiguration	guestConfigurationAssignments	properties.parameterHash	false

Rule
ResourceTypes

IF (3)
Microsoft.Compute/virtualMachines
Microsoft.ConnectedVMwarevSphere/virtualMachines
Microsoft.HybridCompute/machines

Compliance

The following 1 compliance controls are associated with this Policy definition 'Windows machines should meet requirements for 'System Audit Policies - Policy Change'' (2a7a701e-dff3-4da9-9ec5-42cb98594c0b)

Control Domain	Control	Name	MetadataId	Category	Title	Owner	Requirements	Description	Info	Policy#
CMMC_L3	CM.2.065	CMMC_L3_CM.2.065	CMMC L3 CM.2.065	Configuration Management	Track, review, approve or disapprove, and log changes to organizational systems.	Shared	Microsoft and the customer share responsibilities for implementing this requirement.	Tracking, reviewing, approving/disapproving, and logging changes is called configuration change control. Configuration change control for organizational systems involves the systematic proposal, justification, implementation, testing, review, and disposition of changes to the systems, including system upgrades and modifications. Configuration change control includes changes to baseline configurations for components and configuration items of systems, changes to configuration settings for information technology products (e.g., operating systems, applications, firewalls, routers, and mobile devices), unscheduled and unauthorized changes, and changes to remediate vulnerabilities. Processes for managing configuration changes to systems include Configuration Control Boards or Change Advisory Boards that review and approve proposed changes to systems. For new development systems or systems undergoing major upgrades, organizations consider including representatives from development organizations on the Configuration Control Boards or Change Advisory Boards. Audit logs of changes include activities before and after changes are made to organizational systems and the activities required to implement such changes.	link	6

History

Date/Time (UTC ymd) (i)	Change type	Change detail
2022-01-28 17:51:01	change	Major (2.0.0 > 3.0.0)
2020-09-15 14:06:41	change	Previous DisplayName: [Preview]: Windows machines should meet requirements for 'System Audit Policies - Policy Change'
2020-08-20 14:05:01	add	2a7a701e-dff3-4da9-9ec5-42cb98594c0b

Initiatives
usage

Initiative DisplayName	Initiative Id	Initiative Category	State	Type
[Preview]: Windows machines should meet requirements for the Azure compute security baseline	be7a78aa-3e10-4153-a5fd-8c6506dbc821	Guest Configuration	Preview	BuiltIn
CMMC Level 3	b5629c75-5c77-4422-87b9-2509e680f8de	Regulatory Compliance	GA	BuiltIn

JSON