The Essentials and Beyond
In this chapter, you learned about the built-in auditing capabilities of Microsoft Windows Server 2008 systems. The Audit Policy contains nine categories of auditing. The majority of auditing settings need to be enabled in only the Audit Policy. However, two settings (Object Access and Directory Service Access) must be enabled in two places. You first enable the settings in the Audit Policy. Next, you enable auditing on the individual object that you want to audit. On NTFS systems, you enable Object Access auditing for any individual folder or file using the Security tab. For Active Directory objects, you enable Directory Service Access auditing on the Active Directory object such as a container or an OU. MBSA is a free ...
Get Microsoft® Windows® Security: Essentials now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
