Securing Windows Server 2016 — Question 68

You have a server named Server1.
You need to configure PowerShell logging to capture dynamic code generation. The solution must minimize the number of events that are logged.
What should you configure?

Answer options

• A. protected event logging
• B. script block logging
• C. module logging
• D. system-wide transcription

Correct answer: C

Explanation

The correct answer is C, module logging, as it captures events related to modules without overwhelming the logs. Option A, protected event logging, focuses on logging sensitive events, which isn't specifically aimed at dynamic code. Option B, script block logging, captures more detailed information than necessary in this case, and option D, system-wide transcription, logs all PowerShell commands, leading to excessive event generation.