-#1. I must audit security-relevant objects and directories in Windows. Specifically, Operating system executables, operating system configuration, system management and maintenance executables.
-#2. I’m tasked to reduce the size of audits.
-I need a comprehensive list of the above files to audit in Windows NT, Windows 2000, and Windows XP.
-Can this auditing be done by selecting file types (.exe, .cmd, etc.) within the Windows directories?
-What file types cover all the required security-relevant operating system files?
-Any ideas on accomplishing these 2 tasks without turning on auditing for the entire Windows directory (genrates massive audit logs)?
