Auditing And Logs

Auditing And Logs

Most operating systems include a logging and auditing facility. To set the security auditing policies in Windows, navigate to Windows: Administrative Tools> Local Security Policy> Local Policies> Audit Policy. You will see that Windows can record successful and failed attempts to log on, access resources, and other potentially sensitive operations. You can enable auditing for a specific resource by opening its properties sheet to the Security tab, selecting Advanced, and then the Auditing tab. To review the security log, navigate to Windows: Administrative Tools> Event Viewer. You will see the security log, as well as logs that contain application error and system error reports. Review the settings and logs on your computer. In a 2- to 3-page report, address the following:

  • Your main findings, especially situations you want to investigate
  • Auditing settings you would like to modify
  • Additional information you find helpful in the logs
  • Suggestions to improve the audit and logging user interface

Research the Windows Management Interface (WMI). How could WMI help you with some of the changes you have proposed?

“Get 15% discount on your first 3 orders with us”
Use the following coupon
FIRST15

Order Now

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *