Using Windows 8 Advanced Security Auditing Options to Monitor Dynamic Access Control Objects
Letzte Aktualisierung: August 2012
Betrifft: Windows 8, Windows Server 2012
This operations guide demonstrates the process of setting up advanced security auditing capabilities made possible through new settings and events available in Windows 8 and Windows Server 2012. These procedures can be deployed with the advanced security auditing capabilities described in the following documents:
Advanced Security Audit Policy Step-by-Step Guide
Bereitstellen der Sicherheitsüberwachung mit zentralen Überwachungsrichtlinien (Demonstrationsschritte)
In Windows Server 2012, domain administrators will be able to create and deploy expression-based security audit policies using file classification information (resource attributes), user claims, and device claims to target specific users and resources for monitoring of potentially significant activities on one or more computers. These policies can be deployed centrally by using Group Policy, or directly on a computer, in a folder, or in individual files.
The procedures in this document describe how to:
Monitor the Central Access Policies that Apply on a File Server
Monitor the Central Access Policies Associated with Files and Folders
Monitor the Resource Attributes on Files and Folders
Monitor Claim Types
Monitor User and Device Claims During Sign-in
Monitor Central Access Policy and Rule Definitions
Monitor Resource Attribute Definitions
Monitor the Use of Removable Storage Devices.
|The last procedure in this list, Monitor the Use of Removable Storage Devices, can be configured on any computer running Windows Server 2012 or Windows 8. The other procedures can only be deployed as part of a functioning Dynamic Access Control deployment. If you have not yet deployed Dynamic Access Control in your network, see Deploy a Central Access Policy (Demonstration Steps)|
Möchten Sie an der Umfrage teilnehmen?