Active Directory Security (EN)

Seminar mode: Remote, instructor-led
Seminar language: English
Seminar duration: 3 days
Location: Remote
Next date(s): tbd.

[ This seminar is also available in German >> Active Directory Security (DE) ]

In this 3-day online seminar, we look at various aspects of Active Directory and hybrid identity security. We examine the most prevalent attack paths that involve AD, formulate individual protective measures and secure design best practices to harden your AD environments against these attacks. At the end of the seminar, participants receive a PDF of the presentation materials that contains additional information and links to Internet resources.

The booking website is only available in German. If you’re not comfortable with this, just shoot them an email with your booking details and the seminar date you would like to book: seminare@heinemann-verlag.de

In this seminar:

Active Directory as target and conduit for cyberattacks

  • Brief history of AD, questionable design decisions and how attackers abuse them
  • Attackers think in graphs: classification of typical attack paths
  • A short recap of authentication and authorization mechanisms in Windows: NTLM, Kerberos & Co.

AD Administrator’s toolbelt

  • LDAP, LDAP Browser, ldp.exe
  • PowerShell in the context of Active Directory
  • Further built-in tools for AD management and reconnaissance
  • Free audit tooling
  • Event Log investigation using PowerShell and other means

Know the killchain

  • Initial Contact will always be possible – an excursion in endpoint security and code whitelisting
  • Reconnaissance: Anonymous, minimally permissioned and breaking through trusts
  • Credential Access: Passwords, passwords everywhere! Kerberos, NTLM, LDAP, DPAPI, GPOs…
  • PKI: How your certificate infrastructure becomes your worst enemy
  • Persistence and Escalation: Using AD to achieve and retain privileged position

Security-oriented AD design

  • Green Field, Brown Field, Red Field – Different circumstances allow for different measures
  • Mitigating Active Directory’s structural challenges
  • Engineering Kerberos – policies and settings
  • Deter credentials theft from current and past logon sessions
  • Harden your PKI and operate it securely
  • Secure Domain Join and systems provisioning
  • Inhibit Lateral Movement and Escalation
  • Inhibit Persistence
  • Integrate people and processes early

When the house is on fire

  • Help! My AD just got ransomwared!
  • Help! My AD is being attacked!

Audit and tracking

  • Configuration audit and dealing with the findings
  • Permissions audit, effective permissions
  • Reactive behaviour monitoring using Event Logs

Identity and security in hybrid environments

  • Entra ID Connect and Cloud Sync
  • SSO from on-premises AD to Entra ID
  • SSO from Entra ID to on-premises AD