1 |
p215 |
38. Answer: C. Auditing success events in the account management event category can be used to verify changes that were made to account properties and group properties. Answer A is incorrect. Auditing success events in the policy change event category will record success and failure events in the system events. Answer B is incorrect. Auditing success events in the policy change event category on domain controllers indicates someone has changed the local security authority (LSA). Answer D is incorrect; auditing success events in the logon event category records when each user logs on to or logs off from the computer.
|
Answer: C. Auditing success and failure events in the system event category, allows one to notice unusual activity that may indicate attempts to gain access to the network. Auditing success events in the account management event category can be used to verify changes that were made to account properties and group properties; therefore, answer A is incorrect. Answer B is incorrect: Auditing success events in the policy change event category on domain controllers indicates someone has changed the local security authority (LSA). Answer D is incorrect; auditing success events in the logon event category records when each user logs on to or logs off from the computer. |
9/24/2013 |