Clearing the Security Log

Published: 04th May 2011
When the log is full and no more events can be logged, you can clear the log manually. Clearing the log erases all events permanently. Reducing the amount of time you keep an event also frees the log if it allows the next record to be overwritten.
To manually clear the security log, complete the following steps:
1. Open the Event Viewer console.
2. Right-click Security in the console tree, and then click Clear All Events.
3. In the Event Viewer message box:
   Click Yes to archive the log before clearing.
   Click No to permanently discard the current event records and start recording new events.
4. If you clicked Yes, in the Save As dialog box, in the File Name list, type a name for the log file to be archived. In the Save As Type list, click a file format, and then click Save.
In a secure environment, the Event Viewer security logs on servers storing confidential data or trade secrets are often configured so that they will not overwrite events. However, with that setting alone, the server will simply stop logging new events once the log is full. This could be a problem if the events that were missed could have contained the proof that someone hacked your system. To make this setting truly effective, you can configure the Audit: Shut Down System Immediately If Unable To Log Security Audits policy. This policy is configurable through the Group Policy Object Editor under the following path: Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options. If you enable this setting, be sure that you also have a procedure in place to archive the security log, or your server will be unable to provide services once the log is full. You'll have the opportunity to use this setting in the Troubleshooting Lab of this chapter.
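
One way to script the archive procedure described above, as an added example that is not part of the original article. It assumes a Windows version that ships Get-WinEvent and wevtutil, an elevated prompt, and two hypothetical parameters ($ArchiveDir, $ThresholdPct) whose values are placeholders.

```powershell
# Added example: archive-then-clear procedure for the Security log.
# $ArchiveDir and $ThresholdPct are assumed values; adjust them to your environment.
param(
    [string]$ArchiveDir   = 'D:\LogArchive',  # assumption: access-controlled archive folder
    [int]   $ThresholdPct = 80                # assumption: archive once the log is this full
)

$log     = Get-WinEvent -ListLog Security
$usedPct = [math]::Round(100 * $log.FileSize / $log.MaximumSizeInBytes, 1)

# The "Audit: Shut down system immediately if unable to log security audits"
# policy is stored in the registry as CrashOnAuditFail:
#   0 = disabled, 1 = enabled, 2 = the system has already halted once on audit failure.
$crash = (Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa').CrashOnAuditFail

[pscustomobject]@{
    LogMode          = $log.LogMode   # Circular = overwrite, Retain = do not overwrite
    MaxSizeMB        = [math]::Round($log.MaximumSizeInBytes / 1MB, 1)
    UsedPercent      = $usedPct
    CrashOnAuditFail = $crash
} | Format-List

# The failure mode the article warns about: no overwrite and no forced shutdown
# means new events are dropped once the log fills.
if ($log.LogMode -eq 'Retain' -and $crash -ne 1) {
    Write-Warning 'Log does not overwrite and the shutdown policy is off: events are lost when the log is full.'
}

if ($usedPct -ge $ThresholdPct) {
    New-Item -ItemType Directory -Path $ArchiveDir -Force | Out-Null
    $file = Join-Path $ArchiveDir ('Security-{0}-{1:yyyyMMdd-HHmmss}.evtx' -f $env:COMPUTERNAME, (Get-Date))

    # /bu saves the events to $file as part of the clear,
    # the scripted equivalent of clicking Yes in the Event Viewer prompt.
    wevtutil.exe cl Security "/bu:$file"
    if ($LASTEXITCODE -ne 0 -or -not (Test-Path $file)) {
        throw "Archive of the Security log failed (wevtutil exit code $LASTEXITCODE)."
    }

    # Record a hash of the archive so later tampering can be detected.
    Get-FileHash -Path $file -Algorithm SHA256 |
        Select-Object Path, Hash |
        Export-Csv -Path (Join-Path $ArchiveDir 'archive-hashes.csv') -Append -NoTypeInformation
}
```

Run on a schedule, this keeps the log below its maximum size so that a server with the shutdown policy enabled does not halt for lack of log space.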

Default Security Template (Setup security.inf)
The default security template is a computer-specific template that represents the default security settings applied during the installation of the operating system, including the file permissions for the root of the system drive. Therefore, this template is unique for each computer. You can use this template, or portions of it, for disaster recovery purposes. This template should never be applied by using Group Policy because it contains a large amount of data and can degrade performance due to the periodic refresh of Group Policy.

This article is free for republishing
Source: http://june.articlealley.com/clearing-the-security-log-2209455.html

