Home > Uncategorized > Paper: MSFT’s Best Practices for Securing Active Directory

Paper: MSFT’s Best Practices for Securing Active Directory

MSFT has released a paper called Best Practices for Securing Active Directory.

I’ve yet to read it, but judging by the table of contents, it looks chock full of good stuff:

  • Avenues to Compromise
    • Initial Breach Targets
    • Attractive Accounts for Credential Theft
  • Reducing the Active Directory Attack Surface
    • Privileged Accounts and Groups in Active Directory
    • Implementing Least-Privilege Administrative Models
    • Implementing Secure Administrative Hosts
    • Securing Domain Controllers Against Attack
  • Monitoring Active Directory for Signs of Compromise
    • Windows Audit Policy
    • Audit Policy Recommendations
  • Planning For Compromise
    • Rethinking the Approach
    • Maintaining a More Secure Environment
  • Appendix A: Patch and Vulnerability Management Software
  • Appendix B: Privileged Accounts and Groups in Active Directory
  • Appendix C: Protected Accounts and Groups in Active Directory
  • Appendix D: Securing Built-In Administrator Accounts in Active Directory
  • Appendix E: Securing Enterprise Admins Groups in Active Directory
  • Appendix F: Securing Domain Admins Groups in Active Directory
  • Appendix G: Securing Administrators Groups in Active Directory
  • Appendix H: Securing Local Administrator Accounts and Groups
  • Appendix I: Creating Management Accounts for Protected Accounts and Groups in Active Directory
  • Appendix J: Third-Party RBAC Vendors
  • Appendix K: Third-Party PIM Vendors
  • Appendix L: Events to Monitor
  • Appendix M: Document Links and Recommended Reading
Advertisements
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: