Merge remote-tracking branch 'refs/remotes/origin/master' into vs-7781222

2025-06-22 13:53:39 +00:00 · 2016-06-06 10:06:40 -07:00
parent 108fac201b 6d81b651d9
commit 8c7e25552a
46 changed files with 58 additions and 6 deletions
--- a/windows/keep-secure/event-4688.md
+++ b/windows/keep-secure/event-4688.md
@ -175,7 +175,7 @@ This event generates every time a new process starts.

 -   **Process Command Line** \[Version 1, 2\] \[Type = UnicodeString\]**:** contains the name of executable and arguments which were passed to it. You must enable “Administrative Templates\\System\\Audit Process Creation\\Include command line in process creation events” group policy to include command line in process creation events:

-    <img src="images/group-policy.png" alt="Group policy illustration" width="790" height="171" />
+    <img src="images/group-policy.png" alt="Group policy illustration" width="490" height="448" />

    By default **Process Command Line** field is empty.

--- a/windows/keep-secure/event-4713.md
+++ b/windows/keep-secure/event-4713.md
@ -101,7 +101,7 @@ This event is generated only on domain controllers.

 This event shows changes in “Kerberos policy”. Here is location of Kerberos policies in Group Policy management console:

-<img src="images/group-policy-editor.png" alt="Group policy editor illustration" width="490" height="448" />
+<img src="images/group-policy-editor.png" alt="Group policy editor illustration" width="790" height="171" />

 ## Security Monitoring Recommendations