Monitoring the creation or modification of objects gives you a way to track potential security problems, helps to ensure user accountability, and provides evidence in the event of a security breach.
The most common types of events to be audited are:
- Access to objects, such as files and
folders.
- Management of user accounts and group
accounts.
- Users logging on to and logging off from the
system.
This section contains: