From 71c1b34e98ef1eefc03ead095413c1811a419a23 Mon Sep 17 00:00:00 2001
From: Reece Peacock <49645174+Reeced40@users.noreply.github.com>
Date: Wed, 15 May 2019 14:39:07 +0200
Subject: [PATCH] Update advanced-security-audit-policy-settings.md

Added Note + link.
---
 .../auditing/advanced-security-audit-policy-settings.md         | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
index 842cb0b7bb..a75b11f5ac 100644
--- a/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
+++ b/windows/security/threat-protection/auditing/advanced-security-audit-policy-settings.md
@@ -63,6 +63,8 @@ Detailed Tracking security policy settings and audit events can be used to monit
 -   [Audit Process Termination](audit-process-termination.md)
 -   [Audit RPC Events](audit-rpc-events.md)
 
+> **Note:**  For more information, see [Security Monitoring](https://blogs.technet.microsoft.com/nathangau/2018/01/25/security-monitoring-a-possible-new-way-to-detect-privilege-escalation/)
+
 ## DS Access
 
 DS Access security audit policy settings provide a detailed audit trail of attempts to access and modify objects in Active Directory Domain Services (AD DS). These audit events are logged only on domain controllers. This category includes the following subcategories: