Timeout and Event Logging-Enforcing Security Policy
Timeout and Event Logging : a part of Server Roles and Technologies in Windows Server 2012 R2 and Windows Server 2012.
This topic provides an introduction to a policy beneath the settings of Security Options of the local security policies which is timeout and Event Logging.
Timeout: Interactive logon: Machine inactivity limit.
Introduction.
Windows detects user-input inactivity of a sign-in (logon) session by using the safety policy setting Interactive logon: Machine inactivity limit. The user’s session locks by invoking the screen saver ,If the amount/number of inactive time exceeds the inactivity limit set by this policy. This policy setting allows you to manage/regulate the locking time by using Group Policy.
Possible values
The automated/automatic lock of the pc/desktop is about in elapsed seconds of inactivity, which can/may range from zero (0) to five hundred ninety-nine thousand nine hundred forty second.
If there’s no value present in the Machine, they are going to be locked after input field and then eventually the policy setting is disabled and no action is taken on user-input inactivity for the session.
SOME DEFAULT VALUES-
Default Domain Policy — Not defined
Default Domain Controller Policy — Not defined
Stand-Alone Server Default Settings — Disabled
Restart requirement
When the policies are saved locally or distributed through Group Policy, Restart is required to make the changes to this policy to become effective.
Group Policy
Group Policy it actually provides a method of centralizing configuration settings and management of operating systems, computer settings and user settings in an IT working environment.
Vulnerability
This policy setting helps user prevents computers or devices under your control when the currently signed-in user leaves without deliberately locking the desktop from unauthorized access. In versions before Windows Server 2012 and Windows 8, the desktop-locking mechanism was assail individual computers in Personalization in control panel.
Potential impact
This security policy setting can limit unauthorized access to unsecured computers; however, that requirement must be balanced with the productivity requirements of the intended computer person.
Event Logging: Audit logon events.
Introduction
This setting determines whether to audit of each example of a user logging on to or logging off a computer.
Account logon events are on domain controllers for domain account activity and on local computers for local account activity. If both account logon and logon audit policy categories are enabled/active, logons that use an internet site account generate a logon or logoff event on the workstation or server, and that they generate an account logon event on the domain controller.
You can manage whether to audit successes, audit failures, or not audit the event type in the least , if you define this policy setting, Success audits generate an audit entry when a logon attempt succeeds. Failure audits make an audit entry of a logon attempt fails.
To set this value to No auditing, within the Properties panel of policy setting, select the Define these policy settings check box and clear the Success and Failure check boxes. By Default it is set to: Success.
Configuring this security setting
By opening the acceptable policy and expanding the console tree as such: Computer Configuration\Windows Settings\Security Settings\Local Policies\Audit Policy\. you’ll configure this security setting.
learning never ends, keep learning , keep practicing.
References:
For configuring timeout and event logging , you’ll inspect the subsequent video:-
