立即与支持人员聊天
与支持团队交流

Change Auditor 7.3 - Built-in Reports Reference Guide

Introduction Built-in reports
Active Directory Federation Services AD Query All Events Authentication Services Azure Active Directory Defender Office 365 Logon Activity Skype for Business Recommended Best Practices Regulatory Compliance
FISMA (Federal Information Security Management Act)
NIST SP 800-53 | Technical Controls | Accountability (Including Audit Trails) | A01 – User Association NIST SP 800-53 | Technical Controls | Accountability (Including Audit Trails) | A02 – Content of Audit Records NIST SP 800-53 | Technical Controls | Accountability (Including Audit Trails) | A03 – Auditable Events NIST SP 800-53 | Technical Controls | Accountability (Including Audit Trails) | A04 – Audit Processing NIST SP 800-53 | Technical Controls | Identification and Authentication | IA02 – Remote, Privileged Access Authentication NIST SP 800-53 | Technical Controls | Identification and Authentication | IA03 – Password Protection Mechanisms NIST SP 800-53 | Technical Controls | Identification and Authentication | IA04 – Password Life NIST SP 800-53 | Technical Controls | Identification and Authentication | IA05 – Password Content NIST SP 800-53 | Technical Controls | Identification and Authentication | IA12 – Remote Access Identification Authentication NIST SP 800-53 | Technical Controls | Identification and Authentication | IA16 – Password Management NIST SP 800-53 | Technical Controls | Logical Access Control | AC01 - Remote Access Restrictions NIST SP 800-53 | Technical Controls | Logical Access Control | AC02 - Logon Notification Message NIST SP 800-53 | Technical Controls | Logical Access Control | AC05 - Session Inactivity NIST SP 800-53 | Technical Controls | Logical Access Control | AC06 - Limited Connection Time NIST SP 800-53 | Technical Controls | Logical Access Control | AC09 - Enforcement Mechanisms NIST SP 800-53 | Technical Controls | Logical Access Control | AC10 - Automated Account Controls NIST SP 800-53 | Technical Controls | Logical Access Control | AC12 - Supervision and Review NIST SP 800-53 | Technical Controls | Logical Access Control | AC14 - Authorization Procedures NIST SP 800-53 | Technical Controls | System and Communications Protection | SP02 - Information System Partitioning NIST SP 800-53 | Technical Controls | System and Communications Protection | SP04 - Denial of Service Protection NIST SP 800-53 | Technical Controls | System and Communications Protection | SP05 - Resource Priority NIST SP 800-53 | Technical Controls | System and Communications Protection | SP06 - Boundary Protection NIST SP 800-53 | Technical Controls | System and Communications Protection | SP07 - Network Segregation NIST SP 800-53 | Technical Controls | System and Communications Protection | SP09 - Network Disconnect NIST SP 800-53 | Technical Controls | System and Communications Protection | SP11 - Trust Path NIST SP 800-53 | Technical Controls | System and Communications Protection | SP16 - Use of Encryption
GLBA (Gramm-Leach-Bliley Act) GDPR HIPAA (Health Insurance Portability and Accountability Act) Payment Card Industry SAS 70 (Statement on Auditing Standards, Service Organizations) SOX (Sarbanes-Oxley General IT Controls Evidence based on the COBIT Framework)
Security SharePoint SQL Data Level SQL Extended Events Threat Detection

Domain Wide Configuration Activity | Domain Admins

| Domain Admins

Search generated for each domain in forest:

Forest Changes by Activity

Forest Wide Configuration Activity | Enterprise Admins

| Enterprise Admins
All Domain changes performed in last 14 days
Who = All Users
What = Domain Configuration facility; Configuration Monitoring facility
Where = Domain Controller
When = Last 14 days
Origin = All domain controllers
All Forest changes performed in last 14 days
Who = All Users
What = Forest Configuration facility
Where = All sources
When = Last 14 days
Origin = All workstations/servers
All Replication changes performed in last 14 days
Who = All Users
What = Replication Transport facility
Where = All sources
When = Last 14 days
Origin = All workstations/servers
All Site changes performed in last 14 days
Who = All Users
What = Site Added; Site Removed; Site Renamed; Site Link Added; Site Link Removed; Site Link Bridge Added; Site Link Bridge Removed
Site Configuration facility; Site Link Bridge Configuration facility; Site Link Configuration facility; Connection Object facility; Subnets facility
Where = All sources
When = Last 14 days
Origin = All workstations/servers

Forest Wide Configuration Activity | Schema Admins

| Schema Admins
All Schema changes performed in last 14 days
Who = All Users
What = Schema Configuration facility
Schema FMSO Role Owner Moved; Schema Modifications Allowed Flag Changed
Where = All sources
When = Last 14 days
Origin = All workstations/servers
相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级