question

JunaidKhan-3268 avatar image
0 Votes"
JunaidKhan-3268 asked Crystal-MSFT commented

CIS compliance monitoring and Reporintg through SCCM

I have performed CIS based OS Hardening in a Domain Environment on several Windows Server/10/8.1 Machines.
I ran a scan using CIS CAT Pro and then performed the required changes in the GPO of the relevant OU.

Now my question is that,

Can we set up SCCM (or SCOM etc) so that we can monitor the Configuration Settings and if any Configuration Changes in the GPO are made we get an alert?

Looking forward for your help.
Thanks

msc-operations-manager
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

Crystal-MSFT avatar image
1 Vote"
Crystal-MSFT answered Crystal-MSFT commented

@JunaidKhan-3268, To monitor GPO change, we can use SCOM and PowerShell. Here is a link list the detailed steps, we can read it as a reference:
https://social.technet.microsoft.com/wiki/contents/articles/3862.scom-monitoring-gpo-changes-using-scom-and-powershell.aspx

Hope it can help.


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 3
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@JunaidKhan-3268, how's everything going? I am writing to see if there's anything else we can help. If ye, feel free to let us know.

0 Votes 0 ·

Thanks for your support, I will try to replicate what you have shared in my environment and let you know.

0 Votes 0 ·

@JunaidKhan-3268,, Thanks for letting us know the latest status. No worries. We will wait. If there's anything we can help, feel free to let us know.

0 Votes 0 ·