Export (0) Print
Expand All
5 out of 9 rated this helpful - Rate this topic

Access Check and Audit Generation

When a subject attempts to access an object, the object manager calls the function AccessCheckAndAuditAlarm to determine if access is allowed, denied, or audited. The function approaches the job in two phases. First, it determines whether the subject is allowed or denied access. Then it determines whether it needs to generate an auditing entry in the security log.

Did you find this helpful?
(1500 characters remaining)
Thank you for your feedback
© 2014 Microsoft. All rights reserved.