Active Directory Hardening

Our Active Directory Security Hardening course is aimed at systems administrators and enterprise defender teams who would like to take their defense level higher than the standard vendor guidance.

We will go over many topics during this training – but I want you to understand one thing: Active Directory, YOUR Active Directory, is not an internal asset to an attacker. There are so many relatively easy ways to obtain access inside your network that you should consider it an external asset constantly under attack.

This course goes beyond hardening your domain controllers and GPOs – it is about protecting your whole infrastructure, as it is usually built on top of Active Directory.

Official documentation cannot mention certain kinds of attacks and vendors such as Microsoft often are not even allowed to demonstrate or use Mimikatz and similar tools in their guidance – which makes this course that much close to real life.

Main Topics

  • Common Active Directory Attacks
  • Advanced Attacks on Active Directory
  • Auditing your Active Directory for vulnerabilities
  • Active Directory Hardening Automation
  • Mitigations: Easy, covering 80% of the attack surface
  • Mitigations: Medium, covering 18% of the attack surface
  • Mitigations: Hard, covering the last 2% of the attack surface

What is the target audience?

  • IT teams managing Active Directory Infrastructure
  • Consultants working for MSSP (Managed Security Service Providers)

In this course you will learn the most widely used attacks against the traditional Active Directory infrastructure as well as the best ways to defend against them.

The author of this course has built defenses for nuclear power plants, banks and other large organizations – you can rely on their engineering and cybersecurity expertise.

Introduction

Common Active Directory attack methods

1
Attacker’s path from domain user to domain admin
2
MITRE ATT&CK Kill Chain: Stages of Attack, Exfiltration and Evading Detection
3
Using Local Admin accounts
4
The famous Mimikatz and its many faces
5
Is ntds.dit lying around?
6
Pass-the-hash
7
Overpass-The-Hash

Advanced Attacks on Active Directory

1
SPN Service Discovery
2
Kerberoasting
3
Exploiting Group Policy Preferences
4
Exploiting Kerberos Delegation

How protected is your Active Directory?

1
Auditing Active Directory: Tools & Techniques
2
Active Directory Attack Detection

Active Directory Attack Mitigations

1
Active Directory Hardening Automation
All BlueTeam Academy courses are available to corporations only. But fear not - we have prepared an approval letter you could send your management / HR, for your company to join our program and allow your team to study in the Academy.
We will provide you with a virtual lab where you can test everything you learn in this course - the attack, detection and mitigation methods.

Get ready for our 2020 content!

— 14 November 2019

  1. We will deliver entirely new course content in 2020 Stay updated with the latest Active Directory attack, detection and mitigation methods.
  2. We will partner with a new, improve virtual lab provider Be at the bleeding edge of technology and security with our new virtual study lab.


Be the first to add a review.

Please, login to leave a review
Add to Wishlist
Enrolled: 34 students
Duration: 10 hours
Lectures: 14
Video: 9 hours
Level: Advanced

Archive

Working hours

Monday 9:30 am - 6.00 pm
Tuesday 9:30 am - 6.00 pm
Wednesday 9:30 am - 6.00 pm
Thursday 9:30 am - 6.00 pm
Friday 9:30 am - 5.00 pm
Saturday Closed
Sunday Closed