|Paid content will be excluded from the download.
| Matches : 23631
|Audit Policy: Account Management: Security Group Management
This subcategory reports each event of security group management, such as when a security group is created, changed, or deleted or when a member is added to or removed from a security group. If you enable this Audit policy setting, administrators can track events to detect malicious, accidental, and authorized creation of security group ...
Audit Policy: Detailed Tracking: DPAPI Activity
This subcategory reports encrypt or decrypt calls into the data protections application interface (DPAPI). DPAPI is used to protect secret information such as stored password and key information. Events for this subcategory include:
? 4692: Backup of data protection master key was attempted.
? 4693: Recovery of data protection master key was attemp ...
Audit Policy: Logon-Logoff: Logon
This subcategory reports when a user attempts to log on to the system. These events occur on the accessed computer. For interactive logons, the generation of these events occurs on the computer that is logged on to. If a network logon takes place to access a share, these events generate on the computer that hosts the accessed resource. If you configure this setti ...
Audit Policy: Object Access: SAM
This subcategory reports when SAM objects are accessed. Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226.
Allow Standby States (S1-S3) When Sleeping (Plugged In)
Dictates whether or not Windows is allowed to use standby states when sleeping the computer.
When this policy is enabled, Windows may use standby states to sleep the computer. If this policy is disabled, the only sleep state a computer may enter is hibernate.
Network access: Shares that can be accessed anonymously
This policy setting determines which network shares can be accessed by anonymous users. The default configuration for this policy setting has little effect because all users have to be authenticated before they can access shared resources on the server.
Note: It can be very dangerous to add other shares to this Group Policy setting. Any netw ...
Audit Policy: System: Security State Change
This subcategory reports changes in security state of the system, such as when the security subsystem starts and stops. Events for this subcategory include:
? 4608: Windows is starting up.
? 4609: Windows is shutting down.
? 4616: The system time was changed.
? 4621: Administrator recovered system from CrashOnAuditFail. Users who are not administrato ...
Audit Policy: Detailed Tracking: Process Termination
This subcategory reports when a process terminates. Events for this subcategory include:
? 4689: A process has exited.
Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226.
Configure log access
This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string. You cannot configure write permissions for this log.
If you enable this policy setting, only those users whose security descriptor matches the configured specified value can access the log.
If you disable or do not configure this poli ...
Configure log access
This policy setting specifies to use the security descriptor for the log using the Security Descriptor Definition Language (SDDL) string.
If you enable this policy setting, only users whose security descriptor matches the configured value can access the log.
If you disable or do not configure this policy setting, only system software and administrators can write or clea ...
Pages:      Start    14    15    16    17    18    19    20    21    22    23    24    25    26    27    ..   2363
© 2013 SecPod Technologies