A system’s audit policy is maintained in the Security hive, below the PolicyPolAdtEv key. Its default value is REG_NONE data type and contains binar There is no auditing Success events are audited Failure events are audited Both success and failure events are audited

EC-Council: Computer Hacking Forensic Investigator(CHFI-V10)

Module 6 : Windows Forensics

Questions available : 94 You are not logged in.
Please Login for track your learning progress

Q. No: 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 |

Go to Question No.

Question No 0

If you want to share the link of this question, please click here to "Copy Question Link" and share that generated link. Link from URL may change in future.

Bookmark this Question

QID: 926

A system’s audit policy is maintained in the Security hive, below the PolicyPolAdtEv key. Its default value is REG_NONE data type and contains binary information into which the audit policy is encoded. The first 4 bytes (DWORD) of the binary data gives the information about whether auditing was enabled. The value of DWORD explains the status of the audit policy. The value 02 means:

A: There is no auditing

B: Success events are audited

C: Failure events are audited

D: Both success and failure events are audited

WELCOME TO ONLINE EXAM PREPARATION SYSTEM

Join Online Exam

Certification Examinations