We are enabling LSA protection: Reference https://learn.microsoft.com/en-us/windows-server/security/credentials-protection-and-management/configuring-additional-lsa-protection
I am wondering about the following... As I understand if we see any Event 3065 or 3066, then we need to look into that process, because that process will fail if we enable LSA protection. Yet we have not found any of these events, but we do see machines that have event 3033. The event below is from .Net Framework, and this is showing in CodeIntegrity even if we have not enabled LSA protection. When it comes to the 3033 events, do we need to follow these up ? Will applications have problems ?
Thanks for any reply
Sign in to comment