Top 12 Events to Monitor in the Windows Server Security Log

About this webinar

Recorded: February 6, 2018

Last year we spent a lot of time, and rightly so, on Active Directory and domain controllers. But don’t forget your member servers. That’s where your data actually resides and bad guys can make a lot of noise once inside a member server that you won’t hear if you are only watching Active Directory. There’s a wealth of security information available in their logs. In this webinar, Randy Franklin Smith highlights the 12 most important things to monitor in the Security Log of your Windows servers:

  1. Audit policy changes
  2. User right assignments
  3. Local account authentication policy changes
  4. Local user account changes
  5. Local account enumeration
  6. Logon right changes
  7. Local group membership changes
  8. New software installed
  9. Failed logon attempts
  10. Any attempt to logon as local Administrator
  11. Firewall policy change
  12. New device attached
Hosted by
Adam Stetson,
Systems engineer
Randy Franklin Smith,
CEO, Monterey Technology Group, Inc.

Active Directory 101: Install and Configure AD Domain Services

This webinar covers the first section of Exam 70-742, which focuses on effective installation and administration of Active Directory. In addition to providing step-by-step training from an AD expert, the session also explores the potential pitfalls of AD configuration and ways to ensure your configuration enhances the security of your IT environment.

Register for this session to learn:

  • How to install and configure domain controllers (DCs)
  • Best practices for creating AD users and computers
  • How to effectively approach AD group and organizational unit (OU) management
  • How Netwrix Auditor’s reporting functionality can help you identify security gaps in your AD configuration and maintain good IT hygiene
23
April
10am PDT
23 April, 10am PDT
Register Now