Active Directory Audit Checklist Guide

This document provides a quick reference guide for important Active Directory auditing policy settings. It lists the Advanced Audit Policy Configuration categories and specific policy settings that should be enabled to log changes in Active Directory. It also lists recommended Event Log settings for maximum log sizes and the retention method for the security log.

Uploaded by

rakesh

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

507 views1 page

Active Directory Audit Checklist Guide

Uploaded by

rakesh

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

Active Directory Auditing

This quick reference guide shows you which policy settings to enable
to log important changes in your Active Directory.

Advanced Auditing Policy Settings

Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Advanced Audit Policy Configuration

Category Policy Settings Name Policy Setting

Account Logon Audit Credential Validation Failure
Account Logon Audit Kerberos Authentication Service Success and Failure
Account Logon Audit Kerberos Service Ticket Operations Failure
Account Management Audit Computer Account Management Success
Account Management Audit Other Account Management Events Success
Account Management Audit Security Group Management Success
Account Management Audit User Account Management Success and Failure
Detailed Tracking Audit PNP Activity Success
Detailed Tracking Audit Process Creation Success
DS Access Audit Directory Service Access Failure
DS Access Audit Directory Service Changes Success
Logon/Logoff Audit Account Lockout Failure
Logon/Logoff Audit Group Membership Success
Logon/Logoff Audit Logon Success and Failure
Logon/Logoff Audit Other Logon/Logoff Events Success and Failure
Logon/Logoff Audit Special Logon Success
Object Access Audit Detailed File Share Failure
Object Access Audit File Share Success and Failure
Object Access Audit Other Object Access Events Success and Failure
Object Access Audit Removable Storage Success and Failure
Policy Change Audit Audit Policy Change Success
Policy Change Audit Authentication Policy Change Success
Policy Change Audit MPSSVC Rule-Level Policy Change Success and Failure
Policy Change Audit Other Policy Change Events Failure
Privilege Use Audit Sensitive Privilege Use Success and Failure
System Audit Other System Events Success and Failure
System Audit Security State Change Success
System Audit Security System Extension Success
System Audit System Integrity Success and Failure

Event Log Settings

Computer Configuration -> Policies -> Windows Settings -> Security Settings -> Event Log

Policy Path Policy Settings Name Policy Setting

Event Log Maximum application log size 4194240 kB
Event Log Maximum Security log size 4194240 kB
Event Log Maximum system log size 4194240 kB
Event Log Retention method for security log Overwrite as needed

www.activedirectorypro.com

Active Directory Audit Guide
100% (1)
Active Directory Audit Guide
7 pages
Lateral Movement Detection GPO Settings Cheat Sheet: Accounts, Users and Groups
100% (1)
Lateral Movement Detection GPO Settings Cheat Sheet: Accounts, Users and Groups
1 page
Best Practice Guide For Securing Active Directory Installations and Day-To-Day Operations - Part II
No ratings yet
Best Practice Guide For Securing Active Directory Installations and Day-To-Day Operations - Part II
126 pages
Security Audit Tools Guide
100% (1)
Security Audit Tools Guide
7 pages
Active Directory Security Assessment Guide
100% (1)
Active Directory Security Assessment Guide
16 pages
ISO27k Router Security Audit Checklist 1
100% (1)
ISO27k Router Security Audit Checklist 1
8 pages
HCT Log Management Policy
No ratings yet
HCT Log Management Policy
3 pages
Active Directory Audit
100% (2)
Active Directory Audit
70 pages
Network Audit and Checklist Guide
0% (2)
Network Audit and Checklist Guide
2 pages
SQL Server Audit Checklist
No ratings yet
SQL Server Audit Checklist
1 page
Firewall Audit Work Program Samples
100% (1)
Firewall Audit Work Program Samples
12 pages
Firewall Audit Work Program Overview
No ratings yet
Firewall Audit Work Program Overview
6 pages
Computer Security Audit Checklist
No ratings yet
Computer Security Audit Checklist
5 pages
Firewall Audit Checklist
No ratings yet
Firewall Audit Checklist
10 pages
IT Audit Essentials for Managers
100% (1)
IT Audit Essentials for Managers
32 pages
Wireless Security Administration Checklist
100% (5)
Wireless Security Administration Checklist
4 pages
Assessing IT Reliance and Security Risks
100% (1)
Assessing IT Reliance and Security Risks
8 pages
Network Security Checklist 2009
100% (2)
Network Security Checklist 2009
3 pages
Asset-Based Risk Assessment Guide
100% (1)
Asset-Based Risk Assessment Guide
11 pages
Firewall Check List
No ratings yet
Firewall Check List
7 pages
Vulnerabilities Management Template
No ratings yet
Vulnerabilities Management Template
10 pages
Privileged Access Management Best Practices
No ratings yet
Privileged Access Management Best Practices
7 pages
Acceptable Encryption Policy
No ratings yet
Acceptable Encryption Policy
3 pages
IT Patch Management Guide
No ratings yet
IT Patch Management Guide
3 pages
CIS 18 Critical Security Controls Checklist: Learn How To Achieve CIS® Compliance
No ratings yet
CIS 18 Critical Security Controls Checklist: Learn How To Achieve CIS® Compliance
6 pages
CIS Controls Measures and Metrics V7
No ratings yet
CIS Controls Measures and Metrics V7
55 pages
LAN Security Risk Assessment Checklist
No ratings yet
LAN Security Risk Assessment Checklist
6 pages
IT Security Incident Management SOP
No ratings yet
IT Security Incident Management SOP
3 pages
Checklist
No ratings yet
Checklist
4 pages
Active Directory Security Guide
No ratings yet
Active Directory Security Guide
88 pages
IT Policies-Anti-Virus and Malicious Software Policy
100% (2)
IT Policies-Anti-Virus and Malicious Software Policy
5 pages
Active Directory Disaster Recovery - GPO Restore
No ratings yet
Active Directory Disaster Recovery - GPO Restore
11 pages
IT Password Policy - 2022
No ratings yet
IT Password Policy - 2022
9 pages
Active Directory Security Audit Guide
No ratings yet
Active Directory Security Audit Guide
7 pages
Firewall Policy Guidelines and Administration
No ratings yet
Firewall Policy Guidelines and Administration
8 pages
Control Control Requirements: Statement of Applicability
No ratings yet
Control Control Requirements: Statement of Applicability
3 pages
EDRM Security Questionnaire 1.1
100% (2)
EDRM Security Questionnaire 1.1
39 pages
Information Security Services Overview
No ratings yet
Information Security Services Overview
1 page
Firewall Audit Checklist WP
No ratings yet
Firewall Audit Checklist WP
11 pages
Network Documentation and Auditing
100% (1)
Network Documentation and Auditing
4 pages
Security Awareness Program Guide
100% (1)
Security Awareness Program Guide
25 pages
Computer Security Checklist for Admins
No ratings yet
Computer Security Checklist for Admins
1 page
NIST Cybersecurity Framework Overview
No ratings yet
NIST Cybersecurity Framework Overview
36 pages
IAM Strategy
No ratings yet
IAM Strategy
6 pages
CIS Excel Compliance Overview
No ratings yet
CIS Excel Compliance Overview
5 pages
Windows 2003 AD Security Baseline
No ratings yet
Windows 2003 AD Security Baseline
35 pages
Managed Security Services Pen Test Report
No ratings yet
Managed Security Services Pen Test Report
63 pages
NIST SP 800-53 Rev 4 Access Control Guide
No ratings yet
NIST SP 800-53 Rev 4 Access Control Guide
58 pages
ISO 27002:2013 Changes Summary
No ratings yet
ISO 27002:2013 Changes Summary
8 pages
Network Checklist Ver 2
No ratings yet
Network Checklist Ver 2
10 pages
Active Directory Auditing Best Practices
No ratings yet
Active Directory Auditing Best Practices
16 pages
Audit - Policy - Best - Practices - Security Logs On Windows Servers
No ratings yet
Audit - Policy - Best - Practices - Security Logs On Windows Servers
6 pages
Windows Audit Policy Guide
No ratings yet
Windows Audit Policy Guide
7 pages
IT Admin Guide: Group Policy Setup
No ratings yet
IT Admin Guide: Group Policy Setup
41 pages
Group Policy User and Computer Setup
No ratings yet
Group Policy User and Computer Setup
41 pages
Windows Logging Guide Win7/2008+
100% (1)
Windows Logging Guide Win7/2008+
6 pages
Configuring Audit Policies For File Server
No ratings yet
Configuring Audit Policies For File Server
3 pages
Windows Logging Guide
No ratings yet
Windows Logging Guide
6 pages
Windows Logging Cheat Sheet Overview
No ratings yet
Windows Logging Cheat Sheet Overview
6 pages
Active Directory Logon Auditing Guide
No ratings yet
Active Directory Logon Auditing Guide
38 pages
Super Report Pro
No ratings yet
Super Report Pro
127 pages
NetBackup IT Analytics DC Installation Guide For Cloud v11.4
No ratings yet
NetBackup IT Analytics DC Installation Guide For Cloud v11.4
83 pages
HNS Level 4 Practical Full Document
88% (8)
HNS Level 4 Practical Full Document
5 pages
Warcraft III Critical Error Fix
No ratings yet
Warcraft III Critical Error Fix
5 pages
Infor Solution License Manager Installation and Configuration Guide
No ratings yet
Infor Solution License Manager Installation and Configuration Guide
52 pages
40 Most Useful PowerShell and Command Prompt Commands
100% (1)
40 Most Useful PowerShell and Command Prompt Commands
62 pages
Computer Applications Fundamentals Notes
No ratings yet
Computer Applications Fundamentals Notes
4 pages
Python IDE Setup Guide
No ratings yet
Python IDE Setup Guide
21 pages
RCS4 Manual OP Remote Viewer 2658453192 - 000
No ratings yet
RCS4 Manual OP Remote Viewer 2658453192 - 000
8 pages
Job Sheet Practice Learning Activities:1: All Applications Can Be Downloaded At: Http://202.180.21.17/download
No ratings yet
Job Sheet Practice Learning Activities:1: All Applications Can Be Downloaded At: Http://202.180.21.17/download
7 pages
SMS Based Grade Inquiry Final
92% (12)
SMS Based Grade Inquiry Final
84 pages
1KHW002589 - E Firmware Download For ETL600R4
No ratings yet
1KHW002589 - E Firmware Download For ETL600R4
7 pages
Desktop Assistant Final
No ratings yet
Desktop Assistant Final
15 pages
Hospitality Upgrade 2014 Summer
No ratings yet
Hospitality Upgrade 2014 Summer
198 pages
Software Requirements Specification For Restaurant Management System
100% (1)
Software Requirements Specification For Restaurant Management System
3 pages
USB Input Tool & Data Management
No ratings yet
USB Input Tool & Data Management
2 pages
Ashish Verma Windows Server Administrator Resume 2023 09-01-154530 2
No ratings yet
Ashish Verma Windows Server Administrator Resume 2023 09-01-154530 2
2 pages
Tinderbox2 2.1v8 AECS4
No ratings yet
Tinderbox2 2.1v8 AECS4
166 pages
7 - CBLM CSS
No ratings yet
7 - CBLM CSS
55 pages
Pricer System Manual R5.31.0
100% (1)
Pricer System Manual R5.31.0
109 pages
VPN - Setup and Connect Using The AnyConnect App For Windows - Office of Information Technology
No ratings yet
VPN - Setup and Connect Using The AnyConnect App For Windows - Office of Information Technology
4 pages
How To Troubleshoot The - NTLDR Is Missing - Error Message in Windows Server 2003
No ratings yet
How To Troubleshoot The - NTLDR Is Missing - Error Message in Windows Server 2003
4 pages
VMware Certified Professional On VSphere
No ratings yet
VMware Certified Professional On VSphere
45 pages
Microsoft .Net Framework 4.7 Programming Using C
No ratings yet
Microsoft .Net Framework 4.7 Programming Using C
1 page
Library Management System SRS Document
100% (1)
Library Management System SRS Document
10 pages
Reflectorless Motorised Total Station: GPT-9003M
No ratings yet
Reflectorless Motorised Total Station: GPT-9003M
4 pages
2023 07 29 6
No ratings yet
2023 07 29 6
7 pages
Find System Requirements by Choosing The Product Below
No ratings yet
Find System Requirements by Choosing The Product Below
2 pages
Openmediavault 5 Installation Guide
No ratings yet
Openmediavault 5 Installation Guide
87 pages
SPA-ZC 302 Profibus-DPV1/SPA Gateway: Installation and Commissioning Manual
No ratings yet
SPA-ZC 302 Profibus-DPV1/SPA Gateway: Installation and Commissioning Manual
70 pages