Key Security Events for PCI-DSS Compliance

Account Logon
Credential Validation
The computer attempted to validate the credentials for an account
Kerberos Authentication Service
This event generates every time Key Distribution Center issues a Kerberos Ticket Granting Ticket (TGT).
Kerberos pre-authentication failed
Account Management
User Account Management
A user account was created
A user account was enabled
A user account was disabled
A user account was deleted
Logon, Account Lockout
An account failed to log on
Other Logon/Logoff Events
A replay attack was detected
Object Access
Other Object Access Events
A scheduled task was created
A scheduled task was deleted
A scheduled task was updated
Other System Events
The event logging service has shut down
The audit log was cleared
Security State Change
Windows is starting up

Are you compliant?

Check your audit settings now


Audit Policy Requirements

Category Subcategory Audit Type
Account Logon Credential Validation Success, Failure
Account Logon Kerberos Authentication Service Failure
Logon/Logoff Logon, Account Lockout Failure
Logon/Logoff Other Logon/Logoff Events Success, Failure
Object Access Other Object Access Events Success
System Other System Events Success
System Security State Change Success
Account Management User Account Management Success