WinSecWiki > Security Settings > Local Policies > Audit Policy > Privilege Use > Sensitive

Sensitive Privilege Use

This category allows you to track the exercise of so-called sensitive privileges which are assigned in User Rights Assignment. But the value of these events is compromised by factors explained in the articles below. To configure this on Server 2008 and Vista you must use auditpol. Windows 7 and Server 2008 R2 and later can use Group Policy.

Coverage on events generated by this category are currently in the Security Log Encyclopedia:

Event ID Title
4673 A privileged service was called
4674 An operation was attempted on a privileged object

Back to top


Additional Resources