
1. Introduction to Auditing
- Auditing allows you to track
  - User activities.
  - Microsoft Windows 2000 activities.
- Windows 2000 records events in the security log.
- The security log maintains a record of
  - Valid and invalid logon attempts.
  - Events related to creating, opening, or deleting files or other objects.

2. Using an Audit Policy
- An audit policy defines the types of security events recorded.
- An event is written to the security log on the computer where it occurs.
- An audit policy for a computer can
  - Track the success and failure of events.
  - Minimize the risk of unauthorized use of resources.

3. Audit Policy Guidelines
- Determine which computers need auditing.
- Auditing is turned off by default.
- Plan what to audit on each computer.

4. Events You Can Audit
- Accessing files and folders
- Logging on and off
- Shutting down and restarting a computer
- Changing user accounts and groups
- Attempting to make changes to objects in directory services

5. Auditing Successful Events, Failed Events, or Both
- Tracking successful events helps you determine
  - How often Windows 2000 or users gain access to specific objects
  - Resource planning
- Tracking failed events helps you determine
  - Security breaches
  - Attempted security breaches

6. Additional Audit Policy Guidelines
- Determine if you need to track trends of system use.
- Plan frequent security log reviews.
- Define a useful and meaningful audit policy.
- Audit resource access by using the Everyone group.

7. Configuring Auditing
- Auditing requirements
  - You must have the Manage Auditing And Security Log user right.
  - The files and folders to be audited must be on NTFS volumes.
- Setting up auditing
  - Set the audit policy.
  - Enable auditing of specific resources.

8. Setting an Audit Policy

9. The Local Security Policy Dialog Box

10. Auditing Access to Files and Folders
- Security breaches are an issue.
- After you set up your audit policy to audit object access
  - Enable auditing for specific files and folders.
  - Specify which types of access to audit.

11. Events That Can Be Audited for Files and Folders

12. Auditing Access to Printers
- Track sensitive printers.
- Set your audit policy to audit object access.
- Enable auditing for specific printers.
- Specify which users will have access.
- Specify which type of access to audit.

13. Printer Events That Can Be Audited

14. Understanding Windows 2000 Logs
- Use Event Viewer to view Windows 2000 logs.
- By default, Event Viewer has three logs:
  - Application log.
  - Security log.
  - System log.

15. Viewing Security Logs

16. Locating Events

17. Managing Audit Logs
- You can control the size of the event log.
  - The size of each log can be from 64 KB to 4 GB.
  - The default size of a log is 512 KB.
- You can specify what to do when the log is full.
  - Overwrite Events As Needed.
  - Overwrite Events Older Than X Days.
  - Do Not Overwrite Events (Clear Log Manually).
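
The three full-log options above decide which audit evidence is lost once the log reaches its size limit. The following Python model is an added example, not part of the original presentation: it counts capacity in events rather than kilobytes, replays a constructed series of logon events, and uses hypothetical names (BoundedLog, replay) to show what each option overwrites or fails to record.

```python
from collections import deque

# Constructed model: capacity is counted in events, timestamps are whole days.
# The policy names mirror the three options listed on the slide.
AS_NEEDED, OLDER_THAN, NEVER = "as_needed", "older_than", "never"


class BoundedLog:
    def __init__(self, capacity, policy, retention_days=0):
        self.capacity = capacity
        self.policy = policy
        self.retention_days = retention_days
        self.events = deque()    # (day, message), oldest first
        self.overwritten = []    # old evidence discarded to make room
        self.dropped = []        # new events that were never recorded

    def write(self, day, message):
        if len(self.events) >= self.capacity:
            oldest_day = self.events[0][0]
            expired = day - oldest_day > self.retention_days
            if self.policy == AS_NEEDED or (self.policy == OLDER_THAN and expired):
                self.overwritten.append(self.events.popleft())
            else:
                # Full log and nothing may be overwritten: the new event is lost.
                self.dropped.append((day, message))
                return False
        self.events.append((day, message))
        return True


def replay(policy, retention_days=0):
    """Feed a constructed run of logon events into a 3-event log."""
    log = BoundedLog(capacity=3, policy=policy, retention_days=retention_days)
    log.write(1, "logon failure: alice")
    log.write(2, "logon failure: alice")
    log.write(3, "logon failure: admin")
    log.write(4, "logon failure: admin")   # the log is already full here
    log.write(10, "logon success: admin")  # arrives after a quiet week
    return log


if __name__ == "__main__":
    for policy, days in ((AS_NEEDED, 0), (OLDER_THAN, 7), (NEVER, 0)):
        log = replay(policy, days)
        print(policy, "kept:", [d for d, _ in log.events],
              "overwritten:", len(log.overwritten), "dropped:", len(log.dropped))
```

In this model only Overwrite Events As Needed records every new event, at the cost of the earliest failures; the other two options keep old entries but silently miss events that arrive while the log is full, which is why log size and review frequency need to be planned together.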

18. Archiving Logs
- Keep logs for a specified period of time to track security-related information.
- Configure archived logs in Event Viewer.
  - Save Log File As
  - Clear All Events
  - New Log View

