Anyone know if Policy Compliance can actually interrogate every profile (whether mounted in the registry or not) on a server/workstation for user level requirements? For example, CID 9302 - "Status of "Enable screen saver" configuration for Windows users" is set at the user level, in each users profile in the registry. If the user isn't logged on, the registry key isn't mounted. How would Qualys overcome this to fully inspect all profiles that exist on the system? Without checking all profiles, I would not "pass" this check.
Can Qualys load the registry of a user that is not logged on?