On a Windows network, Active Directory is the backbone for controlling who has access to devices and data. I will cover three simple changes that should be made to common AD default settings and practices, greatly increasing a company’s security posture.
Active Directory environments are typically the lifeblood of every company; acting as the core authentication and authorization source. Attackers can use the data held within AD to learn a great deal about an organization. On top of that, with the threats of Golden Tickets, malicious destruction, or simple unauthorized access into confidential data, protecting Active Directory is something that must be taken seriously. This session will cover a handful of security enhancements that are easily implemented yet appear to be rarely used, even by some security conscious entities. This will include not only the changes to these common misconfigurations but also some readily available methods that exploit them.