Windows Server Security Hardening çalışması kapsamında Tier 1 için önerilen audit konfigürasyonu aşağıdaki gibidir.
| Account Logon | |
| Policy | Setting |
| Audit Credential Validation | Success, Failure |
| Account Management | |
| Policy | Setting |
| Audit Security Group Management | Success |
| Audit User Account Management | Success, Failure |
| Detailed Tracking | |
| Policy | Setting |
| Audit PNP Activity | Success |
| Audit Process Creation | Success |
| Logon/Logoff | |
| Policy | Setting |
| Audit Account Lockout | Failure |
| Audit Group Membership | Success |
| Audit Logon | Success, Failure |
| Audit Other Logon/Logoff Events | Success, Failure |
| Audit Special Logon | Success |
| Object Access | |
| Policy | Setting |
| Audit Detailed File Share | Failure |
| Audit File Share | Success, Failure |
| Audit Other Object Access Events | Success, Failure |
| Audit Removable Storage | Success, Failure |
| Policy Change | |
| Policy | Setting |
| Audit Audit Policy Change | Success |
| Audit Authentication Policy Change | Success |
| Audit MPSSVC Rule-Level Policy Change | Success, Failure |
| Audit Other Policy Change Events | Failure |
| Privilege Use | |
| Policy | Setting |
| Audit Sensitive Privilege Use | Success, Failure |
| System | |
| Policy | Setting |
| Audit Other System Events | Success, Failure |
| Audit Security State Change | Success |
| Audit Security System Extension | Success |
| Audit System Integrity | Success, Failure |
Active Directory - Cyber Security 