Forum

Ultimate Windows Security Forum » Security Log » 4764 - A groups type was changed » Regd: A group's type was changed

Regd: A group's type was changed Expand / Collapse
Rate Topic
Display Mode
Topic Options
Author
Message
Sundar Ponnusamy
Posted 2/16/2015 8:42:39 AM
Junior Member

Junior MemberJunior MemberJunior MemberJunior MemberJunior MemberJunior MemberJunior MemberJunior Member

Group: Forum Members
Last Login: 2/19/2015 5:29:35 AM
Posts: 10, Visits: 11
Hi:

I have created an alert if anyone changed the group type in AD.

I can see the group name and change type in the event which is being triggered.

Can you please let me know what are the important checks that we need to check in the event?

What we have to check in the change type?

Sometime, the alert will be triggered when the change from security disabled group to enabled group.

What are the abnormal activity with respective to this event?

Thanks & Regards,

Sundar

Post #2811
derekthomas
Posted 3/1/2015 8:01:30 PM
Supreme Being

Supreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme BeingSupreme Being

Group: Moderators
Last Login: 11/14/2013 3:17:47 PM
Posts: 237, Visits: 0
This event should be examined for whether the change type is expected or not. Only you can determine whether the change was approved or expected.
Post #2815
« Prev Topic | Next Topic »


Permissions Expand / Collapse

All times are GMT -5:00, Time now is 2:51am