Microsoft recently released a complete guide to the security settings in Windows 7 and Windows Server 2008 R2 that provides a full explanation of each setting.
The guide is available here:
- Microsoft: Windows 7 Threats and Countermeasures Guide; Security Settings in Windows 7 and Windows Server 2008 R2 (PDF)
The document weighs in at 387 pages so it is quite comprehensive in its explanation of the various ways and means of securing and monitoring a Windows network.
On page 47 we find:
Audit object access
This security audit policy setting enables auditing of the event that is generated by a user who accesses an object—for example, a file, folder, registry key, or printer—that has a SACL that specifies a requirement for auditing.
How many of us have had to try and figure out which user or users are “accidentally” deleting data on a client’s network? Auditing object access is the way to find out.
Check out the guide as it is well worth it to read through and also to use as a reference.
Hat Tip: Yuri Diogenes
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book