How to Secure Active Directory (AD Tiering) - Tutorial 15 min

  • Published: 16 Sep 2024
  • A 15-minute tutorial about #ActiveDirectory (#Tiering) with Peter Löfgren, Senior Technical Architect and part of our #Truesec Incident Response Team, discussing how you can avoid exposure to #cyberattacks by protecting your credentials.
    ______
    Unknown vulnerabilities and weaknesses in your IT environment pose a large risk of being hit by a cyberattack. To ensure a secure infrastructure and stay ahead of threat actors, you need to identify vulnerabilities and create a secure infrastructure on all levels of your organization. Protecting your credentials is one part of that. By understanding what cybercriminals can do with your credentials, you can also learn how to protect yourself and your environment.
    You will learn about:
    - Tiering, an administrative approach to keeping your credentials safe.
    - What is pass-the-hash and pass-the-ticket.
    - Stepping up your game with Authentication silos and Conditional Access.
    _____
    For Whom:
    Tech professionals, IT technicians, IT professionals, and anyone working in an IT department who is interested in cyber security.
    Stay updated on our Tech Talks here: www.truesec.co...

Comments • 27

  • @simon9740 2 years ago +28

    A public version of the script would be awesome, thanks for the video

  • @user-ko6gy9sz8r 2 months ago +1

    I think it's important to also note that in a live environment you can't just switch service accounts around, as there are dependencies. A service account is often used across servers, which would after tiering be divided into Tier 0 and Tier 1. I like the overall idea here, it's something I implement myself and having a nice script to help is top notch! Though I must say in an operational structure, where you can't just go offline on servers etc., you need to analyze each server for URA (User Rights Assignments) and figure out if you break service accounts after GPOs are applied.
    Thanks for the video :)

  • @magnus8664 2 years ago +15

    Is the script public?

  • @50PullUps 6 months ago +2

    Comment section: if you simply obtained the script and applied the configs to your sandbox environment, your knowledge and skills will only suffer.
    Recreate the commands by slowly scrubbing through the video if you want to enhance your understanding. There are no shortcuts.
    Or just search online.

  • @aleksandargelevski6617 2 years ago +3

    Great video - Is the script available, how/where?

  • @malagicsa 3 months ago

    Can you explain what will be tier 0, tier 1 servers... ?
    Great Video.

    • @user-ko6gy9sz8r 2 months ago

      Tier 0 = Domain Controllers, PKI, ADFS, SCCM, SCOM, Exchange IDM/IAM, AAD Connect/Sync server, Backup and hypervisors. Tier 1 servers could be the rest of your server infrastructure, e.g., some SQL Servers, file servers etc.

  • @netcc8 2 years ago +3

    Can I have the script? TX

  • @dcmediaproduction4920 1 year ago +2

    Are the scripts available? And where? Thanks

    • @kevinokura7547 1 year ago +1

      It would be great if the script was shared. It would make the video more useful. @Truesec

  • @esmershikhamirli8280 1 year ago

    Is it possible to get the scripts? I haven't found any other resources for this

  • @NunoSilva1975 11 months ago +1

    Can we have the scripts, thanks in advance

  • @CP-ki1mf 1 year ago

    Great video. Can you share the script?

  • @lucaskenter1263 1 year ago +1

    Great explanation, but.. Moving servers, drag n drop?! What is the expected impact on the working of the server? What happens when I move my DCs to the tier 0 folder?

    • @TheWilsterman 1 year ago

      You can't move DCs from built-in OU Domain Controllers, to tier 0 OU.

    • @MikaelNystrom 10 months ago

      Domain Controllers are never moved, they are still Tier 0 in the OU they are located

  • @BoFamille 1 year ago

    Hi, great video, how can we have the template script, thanks?

  • @sviluppodotnet 1 year ago +2

    Can I have the script please?

  • @frabricetrace 1 year ago

    Hello, would it be possible to have the script please?

  • @doctorwhojr.2022 1 year ago +1

    Link to the script?

  • @somebodycommented 2 years ago

    Who's the winner? How to know?

  • @TheFrenchStickman 2 years ago

    Hi, thanks, can you share your script please?

  • @ASUS61234 9 months ago

    Can you share your script please

  • @IjOONAZ 6 months ago

    Why do you even share a video like this if you don't share the script you are using? O_o

  • @homayoonfayaz1241 1 year ago +1

    the script please, tnx

  • @AlienWarTycoon 7 months ago

    Basically you went through all of the work of setting up a tiering system only to revert back to the classic "Domain Admin has access to everything" model. The point of tiering is to segment administrative access and not expose privileged accounts more than needed. You exposed the T0 accounts to risk by allowing them to log on to a potentially compromised workstation in an upper tier. Baaaaaad!