Active Directory Domain Security Hardening çalışması kapsamında Domain Controller’lar (Tier 0) için önerilen konfigürasyon aşağıdaki gibidir.
| Advanced Audit Configuration | |
| Account Logon | |
| Policy | Setting |
| Audit Credential Validation | Failure |
| Audit Kerberos Authentication Service | Success, Failure |
| Audit Kerberos Service Ticket Operations | Failure |
| Audit Other Account Logon Events | Success, Failure |
| Account Management | |
| Policy | Setting |
| Audit Computer Account Management | Success, Failure |
| Audit Other Account Management Events | Success |
| Audit Security Group Management | Success, Failure |
| Audit User Account Management | Success, Failure |
| Detailed Tracking | |
| Policy | Setting |
| Audit DPAPI Activity | Success, Failure |
| Audit PNP Activity | Success |
| Audit Process Creation | Success |
| DS Access | |
| Policy | Setting |
| Audit Directory Service Access | Failure |
| Audit Directory Service Changes | Success |
| Logon/Logoff | |
| Policy | Setting |
| Audit Account Lockout | Failure |
| Audit Group Membership | Success |
| Audit Logoff | Success |
| Audit Logon | Success, Failure |
| Audit Other Logon/Logoff Events | Success, Failure |
| Audit Special Logon | Success, Failure |
| Object Access | |
| Policy | Setting |
| Audit Application Generated | Success |
| Audit Detailed File Share | Failure |
| Audit File Share | Success, Failure |
| Audit File System | Success |
| Audit Filtering Platform Connection | Failure |
| Audit Filtering Platform Packet Drop | Success |
| Audit Kernel Object | Success |
| Audit Other Object Access Events | Success, Failure |
| Audit Registry | Success |
| Audit Removable Storage | Success, Failure |
| Audit SAM | Success |
| Policy Change | |
| Policy | Setting |
| Audit Audit Policy Change | Success, Failure |
| Audit Authentication Policy Change | Success, Failure |
| Audit Filtering Platform Policy Change | Success |
| Audit MPSSVC Rule-Level Policy Change | Success, Failure |
| Audit Other Policy Change Events | Failure |
| Privilege Use | |
| Policy | Setting |
| Audit Other Privilege Use Events | Success |
| Audit Sensitive Privilege Use | Success, Failure |
| System | |
| Policy | Setting |
| Audit Other System Events | Success |
| Audit Security State Change | Success, Failure |
| Audit Security System Extension | Success |
| Audit System Integrity | Success, Failure |
Active Directory - Cyber Security 