Are there any best practices on what to audit in a domain/AD from a security perspective?
What do you audit - and what do those audit logs help you prove/disprove/prevent/detect etc.
Are there any guides from Microsoft on auditable options and the benefits doing so bring.
Thanks
