Auditing Security Events The network administrator will next need to perform auditing on the network to determine exactly what is accruing on the daily basis. Security related events are recorded in the window event log. Auditing can be a one or two part process, depending upon which is being audited. You can control what type of security related events are added to the log by adjusting the Audit Policy settings. Following steps guide you t'2 adjust the Audit Policy settings.
1. Log on as an Administrator.
2. Click on Start button and place mouse-pointer over Programs. In list of programs, place the mouse-pointer over the Administrative Tools. A sub-menu appears. Click over the Domain Controller Security Policies option.
3. Domain Controller Security Policies window appears. In left pane, click over Local polices. In details pane, double-click over Audit Policy.
4. To change audit polices, double-click over the security event that you want to change and then select success or failure.
5. Repeat step 4 for any other event that you want to change.
6. Close the Group Policy Object Editor.
Reply With Quote
Copyright Techfuels
Bookmarks