审核非敏感特权使用

面向 IT 专业人员的本主题介绍高级安全审核策略设置“审核非敏感权限使用”，此策略设置确定操作系统是否在使用非敏感权限（用户权限）时生成审核事件。

以下特权属于非敏感特权：

• Access Credential Manager as a trusted caller

• Access this computer from the network

• Add workstations to domain

• Adjust memory quotas for a process

• Allow log on locally

• Allow log on through Terminal Services

• Bypass traverse checking

• Change the system time

• Create a page file

• Create global objects

• Create permanent shared objects

• Create symbolic links

• Deny access to this computer from the network

• Deny log on as a batch job

• Deny log on as a service

• Deny log on locally

• Deny log on through Terminal Services

• Force shutdown from a remote system

• Increase a process working set

• Increase scheduling priority

• Lock pages in memory

• Log on as a batch job

• Log on as a service

• Modify an object label

• Perform volume maintenance tasks

• Profile single process

• Profile system performance

• Remove computer from docking station

• Shut down the system

• Synchronize directory service data

如果配置此策略设置，调用非敏感特权时就会生成审核事件。成功审核用来记录成功的尝试，而失败审核用来记录不成功的尝试。

事件量：非常高

默认值：未配置

相关主题

高级安全审核策略设置