Course info
Nov 28, 2017
1h 24m

Good auditing practices are essential to ensure a server is kept secure and reliable. In this course, Auditing Windows Server 2016 for Security and Practices, you'll be guided through the advanced auditing settings in Windows Server 2016. First, you'll learn how to keep track of information about how users are signing into systems. Next, you’ll discover how and when objects on a system are accessed. Finally, you'll explore how to know when a critical change occurred in a system. When you're finished with this course, you’ll have the knowledge needed to properly set up auditing in your Windows Server 2016 environment and prevent a threat to your company’s security and productivity. Software required: Windows Server 2016.

About the author
About the author

Gary has been working in Information Technology for over 15 years. He has worked with Exchange Server since version 5.5 and has experience in both training and hands on implementations. His energetic delivery and passion for technology makes him a popular trainer. He has developed many online courses and delivers training all over the world.

More from the author
Implementing Microsoft Azure Backup
1h 52m
May 21, 2019
Using Microsoft Azure Resource Groups
1h 26m
Aug 27, 2018
Microsoft Hybrid Identity - Overview
2h 56m
Apr 5, 2018
More courses by Gary Grudzinskas
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone, my name is Gary Grudzinskas and welcome to my course, Auditing Windows Server 2016 for Security and Practices. I'm an independent contractor and author, I've been working with auditing Windows Server for a number of years. Auditing can be the most effective way of securing and optimizing your network. It's a good thing to learn. And in this course we are going to go over how to audit Windows Server 2016, we'll cover using the Event Viewer, auditing account activity, auditing the access to objects, and auditing things on the system itself. By the end of this course you'll know how and why to set up auditing in a Windows Server 2016 system. Before beginning this course you should have some familiarity with Windows 2012 or Windows 2016, and you should know the basic auditing procedures. I hope you'll join me on this journey to learn how to keep watch over systems on your network with the Auditing Windows Server 2016 for Security and Practices course, here at Pluralsight.

Course Setup
Hello and welcome to this course, Auditing Windows Server 2016 for Security and Practices. This is module 1, COURSE SETUP. My name is Gary Grudzinskas, I am a system's engineer and author here at Pluralsight. Here's what we're going to do. We'll start by setting up the host machine, and then deploy the virtual machines required, and then configure the virtual machines. Now, if you have your own lab set up with the domain controller, chances are you can use that lab for this course. We're also going to cover the Event Viewer. If you're already familiar with Event Viewer, feel free to skip to module 2, but if you're not, I will show you how to examine the Event Viewer, investigate an event, and how to use PowerShell for the Event Viewer. We start off by setting up the host machine.

Auditing Accounts
This is about auditing accounts. I'm going to show you the settings for auditing, and we're going to begin by auditing a simple logon and logoff event, and then account logons, group membership and account logouts, and audit other logon events.

Auditing Resource Access
In this module we will be Auditing Resource Access. I'm Gary Grudzinskas and this is what we are going to do. We are going to audit detailed tracking, audit shared resources, audit the file system, audit tasks, and audit any changes made to the registry. We begin by auditing detailed tracking.

Auditing the System
Welcome to this module, Auditing the System, I'm Gary Grudzinskas, here's what we're going to do. We will be setting up auditing for policy change, so any important policy you might need to know about, we can set that up. Auditing the system itself, auditing privilege use, and then finally, global access auditing, we'll begin by auditing for policy change.