One last but important security concern for Guest users is Event Logs, you would not want your Guest user to have access to your Event Logs information
Steps to make Event Logs inaccessible to Guest User:
- Go to Start Menu and type “regedit” in the search box which will lead to the regedit.exe link in the search results. After clicking on the Link you will be directed to a window which is the Registry Editor which shows many options in the left side box as seen in the image below.
- You have to select HKEY_LOCAL_MACHINE which will open many Sub-keys as seen in the image.
- Later you need to go into System Sub link which further shows some options out of which the CurrentControlSet has to be opened as shown in the image.
- In CurrentControlSet you will have to go into Services.
- Then there will be many links opening through which you will have to navigate to Eventlog which is the destination folder.
- Here you will be seeing 3 options of our concern Application, Security, System.
- We have to Click on the respective Options Application, Security and System and make sure that RestrictGuestAccess is active and we can confirm this by verifying the Status and making sure that Type is REG_DWORD and Data is 0x00000001 (1)
- This same verification has to be performed in Applications and Services as seen with Security in the image shown above.
- The DWORD means that the Restriction is active and 1 Confirms the Restriction.
If the Restriction is not active then you will have to follow the steps shown below.
- Right Click on the RestrictGuestAccess in the left box, which will open a dropdown box out of which you will have to select Modify.
- Now in this new window you will be seeing that the Value Data for RestrictGuestUser is given so make sure that Edit DWORD (32 -bit) Value is “1” which will confirm the restriction of Event Log.
You will have verify with all the 3 Applications, Security, Services in the same manner as done with Applications.