| ID |
Event Description |
|
4649
|
A replay attack was detected
Domain Controller, Audit Success, Audit Failure, PCI-DSS, HIPAA, CJIS, ISO 27001:2013
|
|
4778
|
A session was reconnected to a Window Station
Audit Success, NIST 800-171, NIST SP 800-53, CMMC L3
|
|
4779
|
A session was disconnected from a Window Station
Audit Success, NIST 800-171, NIST SP 800-53, CMMC L3
|
|
4780
|
The ACL was set on accounts which are members of administrators groups
Domain Controller, Audit Success
|
|
4800
|
The workstation was locked
Audit Success, ISO 27001:2013, NIST 800-171, NIST SP 800-53, CMMC L3
|
|
4801
|
The workstation was unlocked
ISO 27001:2013, Audit Success, NIST 800-171, NIST SP 800-53, CMMC L3
|
|
4802
|
The screen saver was invoked
ISO 27001:2013, Audit Success, NIST 800-171, NIST SP 800-53, CMMC L3
|
|
4803
|
The screen saver was dismissed
ISO 27001:2013, Audit Success, NIST 800-171, NIST SP 800-53, CMMC L3
|
|
4825
|
A user was denied the access to Remote Desktop. By default, users are allowed to connect only if they are members of the Remote Desktop Users group or Administrators group
|
|
5378
|
The requested credentials delegation was disallowed by policy.
Audit Failure
|
|
5632
|
A request was made to authenticate to a wireless network.
Audit Success, Audit Failure
|
|
5633
|
A request was made to authenticate to a wired network.
Audit Success, Audit Failure
|