What happens when you apply an advanced audit policy (to basic)?
Basic policies are ignored
What are the steps required to go back to basic audit policies after configuring advanced audit policies?
1. Set all Advanced Audit Policy subcategories to Not configured.
2. Delete the %systemroot%\security\audit\audit.csv on the domain controllers for group policies and on the local computer for local policies.
3. Reconfigure and apply the basic audit policy settings.