7 Replies Latest reply on Sep 20, 2013 3:31 PM by Monty Yao

    Windows security setting, effective vs local in compliance

      i see in our CIS compliance template (probably others as well), we check both the "effective" setting as well as the "local" setting.  I'm assuming the local is what's settable by local administrator, and there is a possibility the value could be set via domain GPO.  BUT, isn't the effective is the net result regardless what set it?  If my assumption is right and my auditor just cares about the net-result, is it safe to say, we can remove the check for 'local' setting?


      I'm just trying to simplify the rule and reporting, and by cutting out the 'local', it'll speed up some for me.