Recommended Audit Policy Settings The following recommended settings are based on Microsoft and industry best practices. Note that these settings are basic, and more advanced audit configuration settings exist beginning with Windows 7 and Windows Server 2008 R2. See "Advanced Security Audit Policy Step-by-Step Guide" https://technet.microsoft.com/en-us/library/cc778162(v=ws.10).aspx for more information. Audit Policies Audit policies can be set using the Group Policy Manager, where you can find them at: Computer Configuration\Policies\Windows Settings\Security Settings\Local Policies\Audit Policy Default Domain Policy Default Domain Policy applies to all computers on your domain. Configure the following in the Default Domain Policy: Audit account logon events Success, Failure Audit account [...]
About David MattThis author has not yet filled in any details.
So far David Matt has created 3 blog entries.
Eliminating Local Administrative User Access Requirements in Your Environment Back in the Windows 95/98 days, Windows had no file system security, and users always had full control of their systems. With the advent of Windows NT/XP, granular access controls and limited user accounts (LUA) were introduced to enhance security. While LUA's were available, there were many limitations and the default was for users to be administrators of their machines. As a local administrator, users can make any system change they wish, such as install or remove programs, and enable and disable services (such as anti-virus). With the onslaught of viruses [...]
EMET Security Tool The security tool you haven’t heard about. Microsoft’s Enhanced Mitigation Experience Toolkit, or EMET, is a free security tool that has been around for some time, but outside of a few circles, it hasn’t received the attention it deserves. Microsoft recently released version 5.0 of this tool, so it’s a great time to get acquainted if you are unfamiliar. What is EMET? EMET is a system tool from Microsoft that helps prevent vulnerabilities in software from being exploited. As Microsoft Windows has matured through XP, Vista, 7, and 8, many security enhancements have been added to the underlying [...]