Assessing security of your Active Directory
Download as PPTX, PDF1 like553 views
This document discusses assessing the security of Active Directory implementations. It covers weak implementations related to people, processes, and technology. It also discusses Active Directory logical and physical structures, components, and a risk assessment framework. Example recommendations from applying this framework to Company X include disabling booting from alternative OSes, upgrading domain and forest levels, limiting privileged accounts, and implementing secure password and backup policies.
Assessing security of your Active Directory
- 1. Aldo Elam Majiah Assessing Security of Active Directory
- 2. Weak AD Implementation Relation to People, Process, and Technology
- 3. AD Logical and Physical Structures
- 4. Components of Active Directory
- 5. AD Risk Assessment Framework
- 6. Result Example of AD Risk Assessment for Company X Disable booting from alternative OS Upgrade to higher domain and forest functional level Create secondary DC Create computer-based OU Limit & control high privilege domain accounts Utilize the use of restricted groups Separate account for administrators Implement secure password policies Implement secure account lockout policies Perform regular AD backup Automatic patch management system Perform regular vulnerability assessment Uninstall unnecessary ports and services Create AD documentation Upgrade to secure protocols
- 7. Assessment List for Secure AD