What basic auditing policy logs attempts to authenticate a u

What basic auditing policy logs attempts to authenticate a user through a domain controller or a local Security Accounts Manager?

Solution

Configuring policy settings in this category can help you document attempts to authenticate account data on a domain controller or on a local Security Accounts Manager (SAM). Unlike Logon and Logoff policy settings and events, which track attempts to access a particular computer, settings and events in this category focus on the account database that is used. This category includes the following subcategories: