I need to find or create a check regarding the administrative templates > control panel/user accounts > Apply the default user logon picture to all users of a GPO. I searched for it in the checklists provided by Mcafee but no success.
Do I need to create it on my own? How to? Is there any given example provided by McAfee because the PA guide just describes the options but not in the most comprehensive way (personally speaking) and I was wondering if there was any way to check on an example of the whole process. In that way, I will be able to understand what each variable means and act accordingly.
I would greatly appreciate anyone's assistance on this!
You will need to code that from scratch. You will probably need to create a registry check. Take a look to this example: http://www.itsecdb.com/oval/definition/oval/gov.nist.fdcc.vistafirewall/def/6528/Apply-Local-Connect...
Try to find something similar in mcafee built-in checks, export them and modify to meet your needs, then import them back.
Typically, the Mcafee content will focus on checks which map to existing industry compliance standard benchmarks. Some examples would be CIS, PCI DSS, and more recently STIG. Unfortunately for your situation, none of those benchmark source documents audit that particular setting.
If that setting has a related registry key, you could use the Windows Registry Value Check to audit the exact key and value. But looking around I was unable to find an associated reg key for that policy setting (as is the case with various other GPOs).