Chapter 5
1. A The three As (AAA) of security are authentication, authorization, and accounting. They work together to provide accountability. Accountability, access control, and auditing aren’t part of the AAA of security.
2. False Object Access auditing is a two-step process. You need to enable Object Access auditing in the Audit Policy and then configure the SACL on the individual folder.
3. A The Logon Events audit setting records any time a user logs on to a local system. Account Logon Events records when a user logs on to a domain. System Events and Process Tracking don’t record logon events.
4. C Directory Service Access auditing records changes to Active Directory. Account Management events can record modifications to user, computer, ...
Get Microsoft® Windows® Security: Essentials now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
