Audit Query for 70-290 Exam


I dont know why im finding this particular aspect of auditing some confusing but I am.
I was hoping somebody could confirm my final attempt at understanding the below, or explain the difference.

I am trying to find out the actual difference between the following 2 Audit entry types:
Audit Account Logon Events & Audit Logon Events

The way I understand it is that 'Audit Account Logon Events' are when userA logs onto their desktop as a domain user and the succesful/failed attempt gets logged within the Domain Controllers Security Event Log

The Audit Logon Events however is when userA attempts to access resources via file share on a server or another desktop/laptop and a success/failure entry is placed into the Security Log of the machine that is hosting the resource.

Can somebody confirm if that is correct, or if im completely barking up the wrong teapot.



Sign In or Register to comment.