Course Description
Windows Active Directory Services has become the defacto enterprise directory service for Microsoft and non-Microsoft systems. In this practical, information packed seminar, you will learn a structured approach to securing and auditing Active Directory Services, from end-to-end and from top to bottom. You will cover all key Active Directory Services control points, as well as common CyberSecurity risks, safeguards, and audit procedures. Forests, domains, organizational units, directory services, Group Policy Object (GPO) control audit points and associated CyberSecurity and CyberAudit procedures within the Microsoft Active Directory architecture will be analyzed and demonstrated. Key changes affecting CyberSecurity and audit in different versions of Active Directory Services will be highlighted. You will gain criteria for selecting and using best-of-breed bundled, freeware, and commercial CyberSecurity and CyberAudit tools. You will also focus on strengthening your organization’s ability to demonstrate due diligence by emphasizing and leveraging industry best practices for CyberSecurity and CyberAudit of Active Directory Services.
Bonus: You will receive a comprehensive “Windows Server and Active Directory Audit Data Collection Guide”
Learning Objectives
- Identify the different versions and roles of Microsoft Windows Servers and important differences in built-in CyberSecurity and CyberAudit features
- Locate sources of industry CyberSecurity and CyberAudit best practice guidance
- Gain familiarity with Windows CyberSecurity policy deployment and patch management
- Learn how to use built-in and low cost software tools to gather CyberAudit evidence and assess the level of CyberSecurity for Windows Active Directory Services and associated Windows systems
Course Outline
Microsoft Windows Server and Active Directory Architecture
- Server roles and CyberSecurity control points
- Variations among different versions of Windows Server
- CyberSecurity risks associated with Microsoft Windows Active Directory Services
Auditing Active Directory
- Types of Active Directory objects, domain controller roles, and user groups
- Domains, forests, organizational units, and associated policy and trust relationships
- Active Directory containers and CyberSecurity (IT) network infrastructure
- Active Directory in the Cloud: Azure and beyond
- Lightweight Directory Access Protocol (LDAP) design and CyberSecurity
- Network Address Management: DHCP, DNS
- Domain user authentication protocols: NTLM, Kerberos
- Directory services event logs
- CyberSecurity vulnerability and patch management
- Microsoft TCP/IP applications and network services CyberSecurity risks and CyberAudit procedures
- Windows CyberSecurity Policies and Group Policy Objects (GPOs)
- Tools, techniques, and references for CyberAudits of Windows Active Directory Services CyberSecurity
Additional Information
Who Should Attend
IT Auditors
Information Security Managers, Analysts, and Architects
IT Architects
System Administrators
Consultants
Learning Level
Advanced
Delivery
Group Live
Field
Auditing
Advanced Preparation
None
Recommended Prerequisites
Simplifying Audits of Network CyberSecurity (CY10) or equivalent training. A basic understanding of IT audit controls and terminology is assumed.
Session Duration
On Site: 1 day
CPE Credits: 8