Which of the following actions should you consider?

You are hired by ABC.com to administrate a Microsoft Windows Server 2012 domain named
ABC.com. ABC.com utilizes an organizational unit (OU) named FileServ for housing all File Server
computer accounts in the domain.
You need to be able to track access files on the File servers.
Which of the following actions should you consider?

You are hired by ABC.com to administrate a Microsoft Windows Server 2012 domain named
ABC.com. ABC.com utilizes an organizational unit (OU) named FileServ for housing all File Server
computer accounts in the domain.
You need to be able to track access files on the File servers.
Which of the following actions should you consider?

A.
You should consider configuring the Account Logon auditing category.

B.
You should consider configuring the Object Access auditing category.

C.
You should consider configuring the Global Object Access Auditing category.

D.
You should consider configuring the Directory Service Access auditing category.

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

nanana

nanana

B is the only one that makes sense. Global Object Access would make you audit everything, not just file servers.

Reply

Oz

Oz

Which of the following actions should you consider?
I will consider B and C too (SACLs on files system for each server are set by someone?) .

See :
https://blogs.technet.microsoft.com/askds/2011/03/10/global-object-access-auditing-is-magic/

– specially – the lines : ..
Global auditing lets you create System Access Control Lists (SACL) for the entire computer, based on file and registry. This means that instead of manually altering and maintaining SACLs on 10TB of shared files, you can instead define them implicitly and not actually modify the files at all. You can then troubleshoot an unexplained file deletion, see who keeps changing permissions on a folder, or satisfy an auditor. ..

Reply