Home » Microsoft » 70-640 » Which tool should you use?
Your network contains an Active Directory domain named contoso.com. The functional level of the forest is Windows Server 2008 R2.
The Default Domain Controller Policy Group Policy object (GPO) contains audit policy settings. On a domain controller named DC1, an administrator configures the Advanced Audit Policy Configuration settings by using a local GPO.
You need to identify what will be audited on DC1.
Which tool should you use?
A. Get-ADObject
B. Secedit
C. Security Configuration and Analysis
D. Auditpol
Correct Answer: D
Explanation/Reference:
Reference 1:
http://technet.microsoft.com/en-us/library/cc772576.aspx
Auditpol get
Retrieves the system policy, per-user policy, auditing options, and audit security descriptor object.
Reference 2:
Windows Server 2008 R2 Unleashed (SAMS, 2010)
page 670
You can use the AUDITPOL command to get and set the audit categories and subcategories. To retrieve a list of all the settings for the audit categories and subcategories, use the following command:
auditpol /get /category:*