Trey Research must determine the best auditing strategy to use for its Windows 2000 network. Your solution must identify the computers, events, and objects that you want to audit.
The network administrator at Trey Research has provided the following objectives for auditing. The Trey Research administrator must be able to determine the following information from the security log:
To meet these auditing requirements, you must analyze each of the requirements and determine what audit policy must be defined and whether to audit successes or failures or both.
Answer the following questions about this situation. The answers to these questions can be found in the appendix.
Policy | Success | Failure |
---|---|---|
Audit account management | ||
Audit account logon events | ||
Audit directory service access | ||
Audit logon events | ||
Audit object access | ||
Audit policy changes | ||
Audit privilege use | ||
Audit process tracking | ||
Audit system events |
Answers