Does anyone know of a resource which lists the exact audit settings to satisfy the requirements for E1, specifically for active directory domain controllers? The list I have received is quite vauge, with things like "system administrative commands", "unauthorized access attempts to critical systems and file", "modifications to permissions", etc. Wondering if there's a concise list of what needs to be enabled for each control, kind of like stigviewer.