I have performed CIS based OS Hardening in a Domain Environment on several Windows Server/10/8.1 Machines.
I ran a scan using CIS CAT Pro and then performed the required changes in the GPO of the relevant OU.
Now my question is that,
Can we set up SCCM (or SCOM etc) so that we can monitor the Configuration Settings and if any Configuration Changes in the GPO are made we get an alert?
Looking forward for your help.
Thanks