Den är i skrivande stund senast uppdaterad 2010-01-18, men teamet som skrivit sidan har gått ut och sagt att man vill fortsätta och lägga till nya saker på denna sida när/om de dyker upp.
Ämnen som täcks är (jag kör en copy-paste och hoppar över att översätta, ren lathet..):
- What is Windows security auditing and why might I want to use it?
- What is the difference between audit policies located in Local Policies\Audit Policy and audit policies located in Advanced Audit Policy Configuration?
- What is the interaction between basic audit policy settings and advanced audit policy settings?
- How are audit settings merged by Group Policy?
- What is the difference between an object DACL and an object SACL?
- Why is audit policy applied on a per-computer basis rather than per user?
- What are the differences in auditing functionality between versions of Windows?
- Can I use advanced audit policy from a domain controller running Windows Server 2003 or Windows 2000 Server?
- What is the difference between success and failure events? Is something wrong if I get a failure audit?
- How can I set an audit policy that affects all objects on a computer?
- How do I figure out why someone got access to a resource?
- How do I know when changes to access control are made, by whom, and what the changes were?
- How can I monitor whether changes are made to audit policy settings?
- How can I minimize the number of events that are generated?
- What are the best tools to model and manage audit policy?
- Where can I find information about all the possible events I might receive?
- Where can I find more detailed information?
Orginalsidan hittar man här:
Inga kommentarer:
Skicka en kommentar