Your IT manager is concerned that someone is tryingto gain access to your company’s computers by logging
on with valid domain user names and various password attempts.
Which audit policy should you monitor for these activities?
A.
Policy Change
B.
Account Logon
C.
Privilege Use
D.
Directory Service Access
Explanation:
The Account Logon audit category in Windows Server 2008 generates events for credential validation. These
events occur on the computer that is authoritative for the credentials