Forum

Ultimate Windows Security Forum » Security Log » 4764 - A groups type was changed » Regd: A group's type was changed

Regd: A group's type was changed

Rate Topic

Display Mode

Topic Options

Author

Message

Sundar Ponnusamy

Posted 2/16/2015 8:42:39 AM

Junior Member

Group: Forum Members
Last Login: 2/19/2015 5:29:35 AM
Posts: 10, Visits: 11

Hi:

I have created an alert if anyone changed the group type in AD.

I can see the group name and change type in the event which is being triggered.

Can you please let me know what are the important checks that we need to check in the event?

What we have to check in the change type?

Sometime, the alert will be triggered when the change from security disabled group to enabled group.

What are the abnormal activity with respective to this event?

Thanks & Regards,

Sundar

Post #2811

derekthomas

Posted 3/1/2015 8:01:30 PM

Supreme Being

Group: Moderators
Last Login: 11/14/2013 3:17:47 PM
Posts: 237, Visits: 0

This event should be examined for whether the change type is expected or not. Only you can determine whether the change was approved or expected.

Post #2815

« Prev Topic | Next Topic »

Permissions

All times are GMT -5:00, Time now is 10:50pm

Upcoming Webinars

Implementing an Email Security Strategy Using the MITRE ATT&CK Framework

Additional Resources

Home

Forum

User name:
Password:
	/ Forgot?
	Register

Home

About | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2008 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk.