Security Auditing

As sanitation engineers and quantum physicists have long known, just because you can't see something doesn't mean it isn't there. Even if you have a small organization where everyone gets along with each other and no one would even dream of damaging the system, you need to take precautions.

This brings us to the final leg of the security triad, which is auditing. Any activity involving Windows security objects can be monitored and logged. This can require a lot of work on the part of your servers, so you should choose your auditing points carefully.

This section discusses how to configure auditing, what to audit, when to audit, how to interpret the audit logs, and how to set up systems to notify you in case of an audit warning ...

Get Inside Windows® Server 2003 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.