Key Security Events for PCI-DSS Compliance

Account Logon
Credential Validation
The computer attempted to validate the credentials for an account
Kerberos Authentication Service
This event generates every time Key Distribution Center issues a Kerberos Ticket Granting Ticket (TGT).
Kerberos pre-authentication failed
Account Management
User Account Management
A user account was created
A user account was enabled
A user account was disabled
A user account was deleted
Logon/Logoff
Logon, Account Lockout
An account failed to log on
Other Logon/Logoff Events
A replay attack was detected
Non Audit (Event Log)
Other Events (Log Clear)
The audit log was cleared
Object Access
Other Object Access Events
A scheduled task was created
A scheduled task was deleted
A scheduled task was updated
System
Other System Events
The event logging service has shut down
Security State Change
Windows is starting up

Don't miss these events

Check your audit settings now

Validator





Audit Policy Requirements


Category Subcategory Audit Type
Account Logon Credential Validation Success, Failure
Account Logon Kerberos Authentication Service Failure
Logon/Logoff Logon, Account Lockout Failure
Logon/Logoff Other Logon/Logoff Events Success, Failure
Object Access Other Object Access Events Success
System Other System Events Success
System Security State Change Success
Account Management User Account Management Success