Introduction to Active Directory

Active Directory (AD) is present in the majority of corporate environments. Due to its many features and complexity, it presents a vast attack surface. To be successful as penetration testers and information security professionals, we must have a firm understanding of Active Directory fundamentals, AD structures, functionality, common AD flaws, misconfigurations, and defensive measures.

Module Summary

Understanding Active Directory (AD) functionality, schema, and the protocols used to ensure authentication, authorization, and accounting within a domain is key to ensuring the proper operation and security of our domains. This module will cover many different terms, objects, protocols, and security implementations related to Active Directory, focusing on the core concepts needed to move into later modules focused on enumerating and attacking AD environments.

In this module, we will:

  • Examine the history of Active Directory
  • Define commonly used terms
  • Examine AD objects and structures
  • Discuss the authentication protocols used
  • Gain an understanding of the difference between rights and privileges
  • Practice executing common AD management tasks

CREST CPSA/CRT-related Sections:

  • All sections

CREST CCT APP-related Sections:

  • All sections

CREST CCT INF-related Sections:

  • All sections

This module is broken into sections with accompanying hands-on exercises to practice each of the tactics and techniques we cover. The module ends with a practical hands-on guided lab to reinforce your understanding of the various topic areas.

As you work through the module, you will see example commands and command output for the various topics introduced. It is worth reproducing as many of these examples as possible to further reinforce the concepts presented in each section. You can do this on the target host provided in the interactive sections or on your own virtual machine.

You can start and stop the module at any time and pick up where you left off. There is no time limit or “grading,” but you must complete all of the exercises and the skills assessment to receive the maximum number of cubes and have this module marked as complete in any paths you have chosen.

The module is classified as “Fundamental” in skill level. It assumes a basic knowledge of the Windows command line and operating system fundamentals and a fundamental understanding of information security principles.

A firm grasp of the following modules can be considered prerequisites for successful completion of this module:

  • Introduction to Academy
  • Getting Started
  • Introduction to Networking
  • Windows Fundamentals

Module Sections

  •  Why Active Directory?
  •  Active Directory Research Over the Years
  •  Active Directory Structure
  •  Active Directory Terminology
  •  Active Directory Objects
  •  Active Directory Functionality
  •  Kerberos, DNS, LDAP, MSRPC
  •  NTLM Authentication
  •  User and Machine Accounts
  •  Active Directory Groups
  •  Active Directory Rights and Privileges
  •  Security in Active Directory
  •  Examining Group Policy
  •  AD Administration: Guided Lab Part I
  •  AD Administration: Guided Lab Part II
  •  Wrapping It Up
