This document provides a practitioner’s perspective and contains a set of practical techniques to help IT executives protect an enterprise Active Directory environment. Active Directory plays a critical role in the IT infrastructure and ensures the harmony and security of different network resources in a global, interconnected environment.
The methods discussed are based largely on the experience of the Microsoft Information Security and Risk Management (ISRM) organization, which is accountable for protecting the assets of Microsoft IT and other Microsoft Business Divisions, in addition to advising a selected number of Microsoft Global 500 customers.
- Executive Summary
- Introduction
- Avenues to Compromise
- Attractive Accounts for Credential Theft
- Reducing the Active Directory Attack Surface
- Implementing Least-Privilege Administrative Models
- Implementing Secure Administrative Hosts
- Securing Domain Controllers Against Attack
- Monitoring Active Directory for Signs of Compromise
- Audit Policy Recommendations
- Planning for Compromise
- Maintaining a More Secure Environment
- Appendices
Read the documentation here:
- DOCS: Best Practices for Securing Active Directory
https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/best-practices-for-securing-active-directory