From f91a0d978bd2bcb6089c6ee698e050adb8d1d1ab Mon Sep 17 00:00:00 2001 From: Asha Iyengar Date: Sat, 18 Sep 2021 16:37:27 +0530 Subject: [PATCH] conflict resolved --- windows/security/threat-protection/auditing/event-4776.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/auditing/event-4776.md b/windows/security/threat-protection/auditing/event-4776.md index 4f229b6fa2..f56f581b2a 100644 --- a/windows/security/threat-protection/auditing/event-4776.md +++ b/windows/security/threat-protection/auditing/event-4776.md @@ -145,5 +145,5 @@ For 4776(S, F): The computer attempted to validate the credentials for an accoun | **User logon outside authorized hours** | Can indicate a compromised account; especially relevant for highly critical accounts. | | **User logon from unauthorized workstation** | Can indicate a compromised account; especially relevant for highly critical accounts. | | **User logon to account disabled by administrator** | For example, N events in last N minutes can be an indicator of an account compromise attempt, especially relevant for highly critical accounts. | -| **User logon with expired account** | Can indicate an account compromise attempt; especially relevant for highly critical accounts. | -| **User logon with account locked** | Can indicate a brute-force password attack; especially relevant for highly critical accounts. | +| **User logon with expired account** | Can indicate an account compromise attempt; especially relevant for highly critical accounts. | +| **User logon with account locked** | Can indicate a brute-force password attack; especially relevant for highly critical accounts. |