deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-21 05:13:40 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

warning fixed

Browse Source
This commit is contained in:
v-hearya
2021-04-28 01:52:59 +05:30
parent e81d9a5a8b
commit ac51f3d452
5 changed files with 22 additions and 58 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/deployment/windows-10-poc-sc-config-mgr.md
View File

@ -854,7 +854,7 @@ Set-VMNetworkAdapter -VMName PC4 -StaticMacAddress 00-15-5D-83-26-FF
6. When a popup dialog box asks if you want to run full discovery, click **Yes**.
7. In the Assets and Compliance workspace, click **Devices** and verify that the computer account names for SRV1 and PC1 are displayed. See the following example (GREGLIN-PC1 is the computer account name of PC1 in this example):
![assets](images/configmgr-assets.png)
![assets](./images/configmgr-assets.png)
>If you do not see the computer account for PC1, try clicking the **Refresh** button in the upper right corner of the console.

36
windows/security/threat-protection/auditing/advanced-security-auditing-faq.yml
View File

@ -25,24 +25,24 @@ summary: |
This topic for the IT professional lists questions and answers about understanding, deploying, and managing security audit policies.
- [What is Windows security auditing and why might I want to use it?](#bkmk-1)
- [What is the difference between audit policies located in Local Policies\\Audit Policy and audit policies located in Advanced Audit Policy Configuration?](#bkmk-2)
- [What is the interaction between basic audit policy settings and advanced audit policy settings?](#bkmk-3)
- [How are audit settings merged by Group Policy?](#bkmk-4)
- [What is the difference between an object DACL and an object SACL?](#bkmk-14)
- [Why are audit policies applied on a per-computer basis rather than per user?](#bkmk-13)
- [What are the differences in auditing functionality between versions of Windows?](#bkmk-12)
- [Can I use advanced audit policy from a domain controller running Windows Server 2003 or Windows 2000 Server?](#bkmk-15)
- [What is the difference between success and failure events? Is something wrong if I get a failure audit?](#bkmk-5)
- [How can I set an audit policy that affects all objects on a computer?](#bkmk-6)
- [How do I figure out why someone was able to access a resource?](#bkmk-7)
- [How do I know when changes are made to access control settings, by whom, and what the changes were?](#bkmk-8)
- [How can I roll back security audit policies from the advanced audit policy to the basic audit policy?](#bkmk-19)
- [How can I monitor if changes are made to audit policy settings?](#bkmk-10)
- [How can I minimize the number of events that are generated?](#bkmk-16)
- [What are the best tools to model and manage audit policy?](#bkmk-17)
- [Where can I find information about all the possible events that I might receive?](#bkmk-11)
- [Where can I find more detailed information?](#bkmk-18)
- [What is Windows security auditing and why might I want to use it?](#what-is-windows-security-auditing-and-why-might-i-want-to-use-it-)
- [What is the difference between audit policies located in Local Policies\\Audit Policy and audit policies located in Advanced Audit Policy Configuration?](#what-is-the-difference-between-audit-policies-located-in-local-policies--audit-policy-and-audit-policies-located-in-advanced-audit-policy-configuration-)
- [What is the interaction between basic audit policy settings and advanced audit policy settings?](#what-is-the-interaction-between-basic-audit-policy-settings-and-advanced-audit-policy-settings-)
- [How are audit settings merged by Group Policy?](#how-are-audit-settings-merged-by-group-policy-)
- [What is the difference between an object DACL and an object SACL?](#what-is-the-difference-between-an-object-dacl-and-an-object-sacl-)
- [Why are audit policies applied on a per-computer basis rather than per user?](#why-are-audit-policies-applied-on-a-per-computer-basis-rather-than-per-user-)
- [What are the differences in auditing functionality between versions of Windows?](#what-are-the-differences-in-auditing-functionality-between-versions-of-windows-)
- [Can I use advanced audit policy from a domain controller running Windows Server 2003 or Windows 2000 Server?](#can-i-use-advanced-audit-policies-from-a-domain-controller-running-windows-server-2003-or-windows-2000-server-)
- [What is the difference between success and failure events? Is something wrong if I get a failure audit?](#what-is-the-difference-between-success-and-failure-events--is-something-wrong-if-i-get-a-failure-audit-)
- [How can I set an audit policy that affects all objects on a computer?](#how-can-i-set-an-audit-policy-that-affects-all-objects-on-a-computer-)
- [How do I figure out why someone was able to access a resource?](#how-do-i-figure-out-why-someone-was-able-to-access-a-resource-)
- [How do I know when changes are made to access control settings, by whom, and what the changes were?](#how-do-i-know-when-changes-are-made-to-access-control-settings--by-whom--and-what-the-changes-were-)
- [How can I roll back security audit policies from the advanced audit policy to the basic audit policy?](#how-can-i-roll-back-security-audit-policies-from-the-advanced-audit-policy-to-the-basic-audit-policy-)
- [How can I monitor if changes are made to audit policy settings?](#how-can-i-monitor-if-changes-are-made-to-audit-policy-settings-)
- [How can I minimize the number of events that are generated?](#how-can-i-minimize-the-number-of-events-that-are-generated-)
- [What are the best tools to model and manage audit policy?](#what-are-the-best-tools-to-model-and-manage-audit-policies-)
- [Where can I find information about all the possible events that I might receive?](#where-can-i-find-information-about-all-the-possible-events-that-i-might-receive-)
- [Where can I find more detailed information?](#where-can-i-find-more-detailed-information-)
sections:

36
windows/security/threat-protection/auditing/advanced-security-auditing.md
View File

@ -1,36 +0,0 @@
---
title: Advanced security audit policies (Windows 10)
description: Advanced security audit policy settings may appear to overlap with basic policies, but they are recorded and applied differently. Learn more about them here.
ms.assetid: 6FE8AC10-F48E-4BBF-979B-43A5DFDC5DFC
ms.reviewer:
ms.author: dansimp
ms.prod: m365-security
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: none
author: dansimp
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
ms.date: 04/19/2017
ms.technology: mde
---
# Advanced security audit policies
**Applies to**
- Windows 10
Advanced security audit policy settings are found in **Security Settings\\Advanced Audit Policy Configuration\\System Audit Policies** and appear to overlap with basic security audit policies, but they are recorded and applied differently.
When you apply basic audit policy settings to the local computer by using the Local Security Policy snap-in, you are editing the effective audit policy, so changes made to basic audit policy settings will appear exactly as configured in Auditpol.exe. In Windows 7 and later, advanced security audit policies can be controlled by using Group Policy.
## In this section
| Topic | Description |
| - | - |
| [Planning and deploying advanced security audit policies](planning-and-deploying-advanced-security-audit-policies.md) | This topic for the IT professional explains the options that security policy planners must consider and the tasks they must complete to deploy an effective security audit policy in a network that includes advanced security audit policies |
| [Advanced security auditing FAQ](advanced-security-auditing-faq.yml) | This topic for the IT professional lists questions and answers about understanding, deploying, and managing security audit policies.
| [Using advanced security auditing options to monitor dynamic access control objects](using-advanced-security-auditing-options-to-monitor-dynamic-access-control-objects.md) | This guide explains the process of setting up advanced security auditing capabilities that are made possible through settings and events that were introduced in Windows 8 and Windows Server 2012.
| [Advanced security audit policy settings](advanced-security-audit-policy-settings.md) | This reference for IT professionals provides information about the advanced audit policy settings that are available in Windows and the audit events that they generate.