[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253164

 
 

909

 
 

197077

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 196303 Download | Alert*

This subcategory reports when packets are dropped by Windows Filtering Platform (WFP). These events can be very high in volume. Events for this subcategory include: ? 5152: The Windows Filtering Platform blocked a packet. ? 5153: A more restrictive Windows Filtering Platform filter has blocked a packet. Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista ...

This subcategory reports when a user logs off from the system. These events occur on the accessed computer. For interactive logons, the generation of these events occurs on the computer that is logged on to. If a network logon takes place to access a share, these events generate on the computer that hosts the accessed resource. If you configure this setting to No auditing, it is difficult or impos ...

This subcategory reports the addition and removal of objects from WFP, including startup filters. These events can be very high in volume. Events for this subcategory include: ? 4709: IPsec Services was started. ? 4710: IPsec Services was disabled. ? 4711: May contain any one of the following: - PAStore Engine applied locally cached copy of Active Directory storage IPsec policy on the computer ...

This subcategory reports encrypt or decrypt calls into the data protections application interface (DPAPI). DPAPI is used to protect secret information such as stored password and key information. Events for this subcategory include: ? 4692: Backup of data protection master key was attempted. ? 4693: Recovery of data protection master key was attempted. ? 4694: Protection of auditable protected dat ...

This subcategory reports other types of security policy changes such as configuration of the Trusted Platform Module (TPM) or cryptographic providers. Events for this subcategory include: ? 4909: The local policy settings for the TBS were changed. ? 4910: The group policy settings for the TBS were changed. ? 5063: A cryptographic provider operation was attempted. ? 5064: A cryptographic context op ...

This subcategory reports when applications attempt to generate audit events by using the Windows auditing application programming interfaces (APIs). Events for this subcategory include: ? 4665: An attempt was made to create an application client context. ? 4666: An application attempted an operation: ? 4667: An application client context was deleted. ? 4668: An application was initialized. Refer ...

This subcategory reports the creation of a process and the name of the program or user that created it. Events for this subcategory include: ? 4688: A new process has been created. ? 4696: A primary token was assigned to process. Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this sett ...

This subcategory reports when a process terminates. Events for this subcategory include: ? 4689: A process has exited. Refer to the Microsoft Knowledgebase article ?Description of security events in Windows Vista and in Windows Server 2008? for the most recent information about this setting: http://support.microsoft.com/default.aspx/kb/947226. Fix: (1) GPO: Computer Configuration\Windows Settin ...

This subcategory reports generated by Kerberos ticket request processes on the domain controller that is authoritative for the domain account. Events for this subcategory include: ? 4769: A Kerberos service ticket was requested. ? 4770: A Kerberos service ticket was renewed. ? 4773: A Kerberos service ticket request failed. Refer to the Microsoft Knowledgebase article ?Description of security eve ...

Visual Studio Code Github Pull Requests Extension is installed


Pages:      Start    19230    19231    19232    19233    19234    19235    19236    19237    19238    19239    19240    19241    19242    19243    ..   19630

© SecPod Technologies