Last Updated on August 1, 2021 by Admin 2
Which of the following is NOT an event category in the Windows Security Log?
- Account management
- Logoff events
- Object access
- Directory service access
While there is a category called Logon events (which will also contain logoff vents), there is no Logoff events category. This category records all local logons and logoffs both successful and unsuccessful.
Object access records all attempts to access resources such as files and folders. Account management records all attempts to make changed to user accounts. Directory service access records all attempts to make changes to Active Directory.
Objective: Host-Based Analysis
Sub-Objective: Interpret these operating system log data to identify an event: Windows security event logs, Unix-based syslog, Apache access logs, IIS access logs