Your network contains an Active Directory domain named contoso.com. The domain
contains a server named Server1 that runs Windows Server 2012 R2.
A local account named Admin1 is a member of the Administrators group on Server1.
You need to generate an audit event whenever Admin1 is denied access to a file or folder.
What should you run?
A.
auditpol.exe /set /userradmin1 /failure: enable
B.
auditpol.exe /set /user: admin1 /category: “detailed tracking” /failure: enable
C.
auditpol.exe /resourcesacl /set /type: file /user: admin1 /failure
D.
auditpol.exe /resourcesacl /set /type: key /user: admin1 /failure /access: ga
Explanation:
http: //technet. microsoft. com/en-us/library/ff625687. aspx
To set a global resource SACL to audit successful and failed attempts by a user to perform
generic read and write functions on files or folders:
auditpol /resourceSACL /set /type: File /user: MYDOMAINmyuser /success /failure /access:
FRFW
http: //technet.microsoft.com/en-us/library/ff625687%28v=ws.10%29.aspx
Syntax
auditpol /resourceSACL
[/set /type: <resource> [/success] [/failure] /user: <user> [/access: <access flags>]]
[/remove /type: <resource> /user: <user> [/type: <resource>]]
[/clear [/type: <resource>]]
[/view [/user: <user>] [/type: <resource>]]
http: //technet. microsoft. com/en-us/library/ff625687%28v=ws. 10%29. aspx
http: //technet. microsoft. com/en-us/library/ff625687%28v=ws. 10%29. aspx
http: //technet. microsoft. com/en-us/library/ff625687. aspxhttp: //technet. microsoft. com/en-us/library/ff625687%28v=ws. 10%29. aspx