Pagine

Hacker - Defending Active Directory Against Cyberattacks

Here is a very interesting Microsoft Virtual Academy about Active directory Security.

https://mva.microsoft.com/en-US/training-courses/defending-active-directory-against-cyberattacks-16327?l=Gj8k5XsSC_2004300474


Interested in the why, how, and what of Active Directory (AD) and enterprise protection? This course has the answers you need to help you defend AD against cyberattacks. Learn from the experts, as they look at Active Directory from an enterprise risk perspective. The key to success is knowing what your high-value assets are, securing them, and securing their dependencies.

Whether your digital assets are on-premises or in the cloud, join us to explore the AD environment, today’s adversaries, relationship dynamics, and strategic prioritization, along with adoption of least privilege. Take a look at the different aspects of Active Directory security, based on findings from the Microsoft Cybersecurity Services team, learn strategies to protect privileged identities in your environment, and finish the course with a roadmap for hardening your AD environment. Defenders should be as extremely adaptive as adversaries are these days, and this course is a great place to start.

1 | Active Directory Security: First Things First
Take a look at the sophisticated threats that target Active Directory. Examine the anatomy of a cyberattack, and review the basics of Active Directory security.
2 | Adopt Least Privilege
Learn about the centricity of Active Directory, further explore Tier 0, and understand the importance of assigning least privilege, including its role in your organization’s cyberdefense strategy.
3 | Protect Privileged Identities
Adversaries leverage privileged identities, the primary attack vector, to persist and expand the scope of compromise. Learn strategies to protect privileged identities in your environment.
4 | Defend Your Directory
Do you know who your admins are? Learn why maintaining solid access control to sensitive directory objects is important for mitigating stealthy means of persistence and escalation of privilege.
5 | Defend Your Domain Controllers
Protecting Domain Controller hosts is fundamental to maintain the integrity of the overall access model and security boundary provided by Active Directory. Learn how to mitigate the risks.
6 | Beware of Security Dependencies
Security dependencies are one of the more sophisticated means of compromising Active Directory. Learn how to minimize and protect the security dependencies in your organization's environment.
7 | Monitoring
Collection is not the same as detection. Learn what to collect and how to analyze and respond to your collected data. Start making more informed decisions in response to security events.