Administering Windows Server 2012 — Question 46

Your network contains an Active Directory domain named adatum.com.
You need to audit changes to the files in the SYSVOL shares on all of the domain controllers. The solution must minimize the amount of SYSVOL replication traffic caused by the audit.
Which two settings should you configure? (Each correct answer presents part of the solution. Choose two.)

Answer options

• A. Audit Policy\Audit system events
• B. Advanced Audit Policy Configuration\DS Access
• C. Advanced Audit Policy Configuration\Global Object Access Auditing
• D. Audit Policy\Audit object access
• E. Audit Policy\Audit directory service access
• F. Advanced Audit Policy Configuration\Object Access

Correct answer: D, F

Explanation

The correct settings are D and F. Configuring 'Audit Policy\Audit object access' allows you to track access to specific files and directories, which is essential for auditing SYSVOL. 'Advanced Audit Policy Configuration\Object Access' further specifies that you want to audit object access events, ensuring detailed logging without increasing SYSVOL replication traffic. The other options do not focus specifically on file access auditing in this context.