LoFP
/
t1484.001
t1484.001
Title
Tags
group policy objects are created as part of regular administrative operations, filter as needed.
t1078.002
t1484
t1484.001
endpoint
splunk
legitimate use
t1005
t1040
t1059
t1072
t1090
t1124
t1127
t1219
t1484
t1484.001
t1546
t1546.015
t1555
t1555.003
t1562
t1562.001
t1564
t1564.001
windows
sigma
the default group policy objects within an ad network may be legitimately updated for administrative operations, filter as needed.
t1484
t1484.001
endpoint
splunk
LoFP
/
t1484.001