PolicyChange_AuditPolicyChange

This policy setting allows you to audit changes in the security audit policy settings such as the following: Settings permissions and audit settings on the Audit Policy object. Changes to the system audit policy. Registration of security event sources. De-registration of security event sources. Changes to the per-user audit settings. Changes to the value of CrashOnAuditFail. Changes to the system access control list on a file system or registry object. Changes to the Special Groups list.

Audit Policy CSPMicrosoftLearn

PreviousAccountLogon_AuditOtherAccountLogonEvents NextPolicyChange_AuditAuthenticationPolicyChange

Last updated 2 years ago