Abstract: | This second article on NT auditing focuses on controlling users: whether or not they use the system, what they can do once they are in, and how to keep a record of what they have done. As with the operating system configuration that we looked at in the last article, you will need administrator access to review many of the security settings, and to review the security log. You will also be using tools supplied in the NT Resource kit to get listings of information that cannot be effectively scanned online. |