Event ID 4625 & 4740
Today we are going to discuss the relationship between Account Lockout Policy, badPwdCount, badPasswordTime, Event ID 4625 and Event ID 4740 in Windows domain environment. In fact, this is one of most important topics when we engage in designing SIEM solutions. Account Lockout Policy First of all, we start with the Account Lockout Policy in…