Windows DNS/Directory Services
Malicious or misused software can often attempt to resolve blacklisted or suspicious domain names. The collection of DNS queries and responses are recommended in order to enable discovery of compromise or intrusion through security analytics.A number of the below event IDs will only be recorded with enhanced auditing enabled. See [Network Forensics with Windows DNS Analytical Logging](http://blogs.technet.com/b/teamdhcp/archive/2015/11/24/network-forensics-with-windows-dns-analytical-logging.aspx) for more information.
Related Solution
AIS Managed SIEM
Explore our Solutions
Organizations are constantly faced with the challenge of adopting new technologies while safeguarding against potential security threats. The need for robust IT solutions has never been more pressing.

AIS Labs
AIS offers a variety of technology solutions leveraging enterprise open-source software, developed and maintained by AIS engineers. These include AIS Managed Firewall, NMS, SIEM, and VoIP.
Last modified
September 14, 2021