WinSecWiki > Security Settings > Advanced Audit Policies > System > System Integrity

Audit System Integrity

This category logs at least 3 events that could impact the over all integrity of the system. As will all subcategories you must use auditpol to enable or disable it.

Coverage on events generated by this category are currently in the Security Log Encyclopedia:

Event IDTitle
5038 Code integrity determined that the image hash of a file is not valid.
5056 A cryptographic self test was performed.
5061 Cryptographic operation.

Back to top

 

Upcoming Webinars
  • Securing Every Identity in the Hybrid Era: Building a Unified Strategy Across Cloud, On-Prem, and AI
  • “3 Persistent Privileged Access Methods in Active Directory: How Attackers Stick the Landing with AdminSdHolder, SIDHistory, DCShadow”
Additional Resources
    System
    •IPsec Driver
    •Other System Events
    •Security State Change
    •Security System Extension
    •System Integrity

     
     
    User name:
    Password:
      / Forgot?
      Register
    October 2025
    Patch Tuesday    		 "Patch Tuesday - 172 Updates Today and 6 Zero-Days! " - sponsored by LOGbinder
    .
    Tweet
    Follow @randyfsmith
    About | Newsletter | Contact Ultimate IT Security is a division of Monterey Technology Group, Inc. ©2006-2025 Monterey Technology Group, Inc. All rights reserved.
    Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk. For complaints, please contact abuse@ultimatewindowssecurity.com.     		Terms of Use | Privacy |
    Cookies help us deliver the best experience on our website. By using our website, you agree to the use of cookies.