Illustration of Windows Management Instrumentation (WMI) tools for offense, defense, and forensic analysis. Illustration of Windows Management Instrumentation (WMI) tools for offense, defense, and forensic analysis.

Windows 10 Security Auditing and Monitoring Reference

Microsoft has published a very useful reference (from a digital forensic point of view) by Andrei Miroshnikov.

Windows-10-Security-Auditing-and-Monitoring-reference-weare4n6

This document contains:
• Detailed technical descriptions for most of the advanced security audit policies that are included with Windows 10.
• Monitoring recommendations for security events to include in advanced security audit policies.
• Recommendations for Group Policy settings for advanced security audit policy for domain controllers, workstations, and member servers.

[su_button url=”https://www.microsoft.com/en-us/download/details.aspx?id=52630″ target=”blank” style=”flat” background=”#222348″ size=”7″ radius=”0″]Download[/su_button]

Leave a Reply

Your email address will not be published. Required fields are marked *