On windows platform, does compliance set Windows Local Policy to enforce settings, or directly monitor and update the registry, or both?
Does the analytics report on Group, Local policy and/or Registry settings to evaluate the configuration of a system?
How easy is it to manage exceptions to policies, and avoid loosing current settings while adding new? Example update just audit policies but not force a complete reset of all other policies for a system.