You have a computer that runs Windows 10. The computer contains a folder. The folder contains sensitive data.
You need to log which user reads the contents of the folder and modifies and deletes files
in the folder.
You need to log which user reads the contents of the folder and modifies and deletes files in the folder.
Solution: from the properties of the folder, you configure the Auditing settings and from the Audit Policy in the local Group Policy, you configure Audit system events.
Does this meet the goal?
A . Yes
B . No
Answer: B
Explanation:
Files and folders are objects and are audited through object access, not though system events.
References: https://www.netwrix.com/how_to_detect_who_changed_file_or_folder_owner.html