What should you include in the recommendation?

Your network contains an Active Directory domain named contoso.com.
The corporate security policy states that when new user accounts, computer accounts, and
contacts are added to an organizational unit (OU) named Secure, the addition must be
audited.
You need to recommend an auditing solution to meet the security policy.
What should you include in the recommendation? (Each answer presents part of the
solution. Choose all that apply.)

Your network contains an Active Directory domain named contoso.com.
The corporate security policy states that when new user accounts, computer accounts, and
contacts are added to an organizational unit (OU) named Secure, the addition must be
audited.
You need to recommend an auditing solution to meet the security policy.
What should you include in the recommendation? (Each answer presents part of the
solution. Choose all that apply.)

A.
From the Default Domain Controllers Policy, enable the Audit directory services setting.

B.
Create a new Group Policy object (GPO) that is linked to the Secure OU, and then modify
the Audit directory services setting.

C.
From the Secure OU, modify the Auditing settings.

D.
From the Default Domain Controllers Policy, enable the Audit object access setting.

E.
From the Secure OU, modify the Permissions settings.

F.
Create a new Group Policy object (GPO) that is linked to the Secure OU, and then modify
the Audit object access setting.

Explanation:
A, C
Creating a New Object: Resulting in multiple Event ID 5137 entries containing all attributes
provided explicitly by the security principal that invoked the operation (but not those
automatically generated by the system). Note that similar information also gets recorded if
audit of User Account Management or Directory Service Access is enabled.

Show Hint

Leave a Reply 4

Your email address will not be published. Required fields are marked *

ciscozel

ciscozel

in the exam u can only choose one option

Reply

FSM

FSM

Clear explained in: https://technet.microsoft.com/en-us/library/cc731607%28v=ws.10%29

***Step 1: Enable audit policy.***
By using Group Policy Management, you can turn on the global audit policy, Audit directory service access, which enables all the subcategories for AD DS auditing. If you need to install Group Policy Management, click Add Features in Server Manager. Select Group Policy Management and then click Install.”

*** Step 2: Set up auditing in object SACLs by using Active Directory Users and Computers.***
– Click Start, point to Administrative Tools, and then click Active Directory Users and Computers.
– Right-click the organizational unit (OU) (or any object) for which you want to enable auditing, and then click Properties.
– Click the Security tab, click Advanced, and then click the Auditing tab.
– Click Add, and under Enter the object name to select, type Authenticated Users (or any other security principal), and then click OK.
– In Apply onto, click Descendant User objects (or any other objects).
– Under Access, select the Successful check box for Write all properties.
– Click OK until you exit the property sheet for the OU or other object.

Agree with A & C.

Reply