Which two audit policies should you configure in GPO1?

HOTSPOT
Your network contains an Active Directory domain named contoso.com.
You create an organizational unit (OU) named OU1 and a Group Policy object (GPO) named
GPO1. You link GPO1 to OU1.
You move several file servers that store sensitive company documents to OU1. Each file
server contains more than 40 shared folders.
You need to audit all of the failed attempts to access the files on the file servers in OU1. The
solution must minimize administrative effort.
Which two audit policies should you configure in GPO1?
To answer, select the appropriate two objects in the answer area.

HOTSPOT
Your network contains an Active Directory domain named contoso.com.
You create an organizational unit (OU) named OU1 and a Group Policy object (GPO) named
GPO1. You link GPO1 to OU1.
You move several file servers that store sensitive company documents to OU1. Each file
server contains more than 40 shared folders.
You need to audit all of the failed attempts to access the files on the file servers in OU1. The
solution must minimize administrative effort.
Which two audit policies should you configure in GPO1?
To answer, select the appropriate two objects in the answer area.

Answer:

Explanation:



Leave a Reply 4

Your email address will not be published. Required fields are marked *


Sonya

Sonya

The screenshot is from Windows Server 2008. Computer Configuration > Policies > Windows Settings > Security Settings > Local Policies > Audit Policy in WS2012 R2 doesn’t have a property named Global Object Access Auditing. Your options are:
-Audit account logon events
-Audit account management
-Audit directory service access
-Audit logon events
-Audit object access
-Audit policy change
-Audit privilege use
-Audit process tracking
-Audit system events

karl

karl

https://technet.microsoft.com/en-us/library/dn319056%28v=ws.11%29.aspx
“Applies To: Windows 7, Windows 8.1, Windows Server 2008 R2, [B]Windows Server 2012 R2[\B], Windows Server 2012, Windows 8

Audit policy settings under Security Settings\Advanced Audit Policy Configuration are available in the following categories:
…..
Object Access
Object Access policy settings and audit events allow you to track attempts to access specific objects or types of objects on a network or computer. To audit attempts to access a file, directory, registry key, or any other object, you must enable the appropriate Object Access auditing subcategory for success and/or failure events. For example, the File System subcategory needs to be enabled to audit file operations, and the Registry subcategory needs to be enabled to audit registry accesses.
…..
Global Object Access
Global Object Access Auditing policy settings allow administrators to define computer system access control lists (SACLs) per object type for the file system or for the registry. The specified SACL is then automatically applied to every object of that type.
Auditors will be able to prove that every resource in the system is protected by an audit policy by viewing the contents of the Global Object Access Auditing policy settings. For example, if auditors see a policy setting called “Track all changes made by group administrators,” they know that this policy is in effect. “

like this

like this

I am really delighted to read this web site posts which includes tons of valuable data, thanks for providing these kinds of statistics.|