Most operating systems include a logging and auditing facility. To set the security auditing policies in Windows, navigate to Windows: Administrative Tools> Local Security Policy> Local Policies> Audit Policy. You will see that Windows can record successful and failed attempts to log on, access resources, and other potentially sensitive operations. You can enable auditing for a specific resource by opening its properties sheet to the Security tab, selecting Advanced, and then the Auditing tab. To review the security log, navigate to Windows: Administrative Tools> Event Viewer. You will see the security log, as well as logs that contain application error and system error reports. Review the settings and logs on your computer. In a 2- to 3-page report, address the following:
Your main findings, especially situations you want to investigate
Auditing settings you would like to modify
Additional information you find helpful in the logs
Suggestions to improve the audit and logging user interface
Research the Windows Management Interface (WMI). How could WMI help you with some of the changes you have proposed?