Microsoft recently released a complete guide to the security settings in Windows 7 and Windows Server 2008 R2 that provides a full explanation of each setting.
The guide is available here:
The document weighs in at 387 pages so it is quite comprehensive in its explanation of the various ways and means of securing and monitoring a Windows network.
On page 47 we find:
Audit object access
This security audit policy setting enables auditing of the event that is generated by a user who accesses an object—for example, a file, folder, registry key, or printer—that has a SACL that specifies a requirement for auditing.
How many of us have had to try and figure out which user or users are “accidentally” deleting data on a client’s network? Auditing object access is the way to find out.
Check out the guide as it is well worth it to read through and also to use as a reference.
Hat Tip: Yuri Diogenes
Philip Elder
MPECS Inc.
Microsoft Small Business Specialists
Co-Author: SBS 2008 Blueprint Book
*Our original iMac was stolen (previous blog post). We now have a new MacBook Pro courtesy of Vlad Mazek, owner of OWN.
No comments:
Post a Comment