The Configuration and Activation of Auditing Files

Go Back

Week 1 Discussion

Lionel Sharpe

Professor Sandra Stuart

Sanford Brown Online

The configuration and activation of auditing files, users, or other system objects, help personnel to fix problems with breaches, modified settings, and unauthorized access of files. This will help the administrator to check on certain behaviors that they would like to implement changes on, or pull the employee to discuss their unsecure behaviors in the system. The audit is always in reference to business related and security issues that have rules that are used to track certain activities. They are as follows.

  • It is to monitor how the Group Administrator changes the settings on the data that is used or the servers and files that contain important information on assets or money that the company has.
  • It is also used to monitor how an employee that is in a special group, accesses files or information and logs in and out of the files. It also sets the amount of incorrect logins and reports to the system administrator that a certain employee has tried to access a file that has had a large amount of bad logs. This causes the system to have to set a new password for the file and erase the log errors that occur from this happening.
  • The SACL is applied to all the files and folders and also the registry key, so that they can provide a secure and safe way to protect files and registry keys from unauthorized access.
  • The Audit Policy allows you to select the certain behaviors that you would like to view and monitor, so that you can exclude these logs or behaviors and also, change behaviors that cause an overload of log entries to the system. This system will allow you to monitor all behaviors access, administrative procedures that are done and unauthorized access that can cause the system to become corrupted, and have to be changed around due to security issues.

    • Configuration

    For the configuration, when this is applied, different things on the computer that are running can be audited to help secure accounts. These different policy settings are as follows.

  • Logons for the accounts that they have.
  • Management of the accounts.
  • Tracking of the detailed accounts.
  • Access to DS.
  • And last, the logon and logoff of employees who access the system, with approval, and without approval.

    • References

    Advanced Security Audit Policy Settings. (n.d.). Retrieved April 8, 2015, from https://technet.microsoft.com/en-us/library/dn319056.aspx

    APA formatting by BibMe.org.

    Created on April 08, 2015 by Lionel Sharpe || Professor Sandra Stuart

    Form (rr15a) Code:3301627005-GA

    Form (rr15b) Code:3301627006-NJ

    Copyright © 2013 Bridgetonia Inc.|| All Rights Reserved