You need to log user permissions changes on server or on a domain controller. You
also need to log changes to the local security account manager objects on all servers.
What should you do?
A. Configure auditing of privilege user and object access on all servers and domain
controllers and set it to failure.
B. Configure auditing of policy change and account management on all servers and
domain controllers and set it to success.
C. Configure auditing of process tracking and logon events on all servers and domain
controllers and set it to success.
D. Configure auditing of system events and directory service access on all servers and 350-001 domain controllers and set it to failure.
Answer: B
Explanation: Auditing for policy change events allows you to see attempts to alter
policy settings, including changes to audit policies. And auditing the account
management on all servers and domain controllers allows you to see attempts to
alter security account manager objects.640-802 If you want to log changes that are made to
servers and domain controllers and want to track when local security account
manager objects are being modified then you need to success audit for policy change
events and account management on all servers and domain controllers.
Incorrect answers:
A: These options of auditing will not work; you need to enable success audit and not
failure audit.
C: Auditing process tracking events monitors processes running on computers. Logon
events
Leading the way in IT testing and certification tools, www.certifyme.com
- 30 -
are generated when a user logs on to or off of a computer. Every time a user logs on or
off, whether on a workstation or server, an event is generated.VCP-310 Even enabling success
auditing will not provide you with the correct information to do your task.
D: These options of auditing will not work; you need to enable success audit and not
failure audit. Furthermore, System events are generated when the computer environment
is changed in some significant way, either by a user or by a process; and Directory
Service access events record when directory services were accessed. You need to audit
for policy change and account management.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment