Windows Sunucu Denetim İlkelerinin Ayarlanması
Etki alanınızda bulunan sunucular (2003, 2008 R2, gibi) için denetim ilkelerinin belirlenmesi ve etki alanındaki tüm sunuculara uygulanması güvenlik açısından çok önemlidir. Aşağıdaki komutlar bir bat dosyası ile grup politikası (GPO) veya SCCM ile etki alanınızdaki sunucularınıza uygulanabilir.
auditpol /set /subcategory:”IPsec Driver” /success:enable /failure:enable
auditpol /set /subcategory:”Security State Change” /success:enable /failure:enable
auditpol /set /subcategory:”Security System Extension” /success:enable /failure:enable
auditpol /set /subcategory:”Process Creation” /success:enable /failure:disable
auditpol /set /subcategory:”Audit Policy Change” /success:enable /failure:enable
auditpol /set /subcategory:”Computer Account Management” /success:enable /failure:disable
auditpol /set /subcategory:”Other Account Management Events” /success:enable /failure:disable
auditpol /set /subcategory:”Credential Validation” /success:enable /failure:disable
auditpol /set /subcategory:”Logoff” /success:enable /failure:disable
auditpol /set /subcategory:”Logon” /success:enable /failure:enable
auditpol /set /subcategory:”Special Logon” /success:enable /failure:disable
auditpol /set /subcategory:”File System” /success:disable /failure:enable
auditpol /set /subcategory:”Registry” /success:disable /failure:enable
auditpol /set /subcategory:”Sensitive Privilege Use” /success:enable /failure:enable
auditpol /set /subcategory:”Authentication Policy Change” /success:enable /failure:disable
auditpol /set /subcategory:”Security Group Management” /success:enable /failure:enable
auditpol /set /subcategory:”User Account Management” /success:enable /failure:enable
auditpol /set /subcategory:”Directory Service Changes” /success:enable /failure:disable