Audit Program for Active Directory and Domain Controllers

Get the Audit Program free

Take Randy's Audit and Assessment of Active Directory training in On Demand, Interactive Format

This audit program will help you follow the same methodology Randy Franklin Smith uses to perform a detailed audit of an Active Directory network.

Active Directory is an infrastructure technology that effects:

All Windows servers and workstations on the network
Microsoft Exchange
SQL server databases
Web and Intranet applications
Other applications relying on Active Directory for authentication and/or identity management

A vulnerability or inneffective control in Active Directory puts all these resources at risk as well.

Active Directory Structure

Auditing Active Directory is much more than auditing a few servers independent of each other and it's much more than a simple LDAP server as well. While the ultimate purpose of Active Directory is to manage users, groups and computers ("leaf objects"), this is facilitated by a complex hierarchy of container objects:

Frequently asked questions

Forests
Trees
Domains
Organizational Units
Sites

Each of these container levels have specific controls that need to be tested. Without a proper framework an IT audit generalist can easily duplicate work and waste effort by auditing the same control more than once or miss a crucial test by not realizing the control needs to be tested at a lower level in the hierarchy.

Audit Program Contents

This audit program guides you through each step of the review, from scope and planning through evidence extraction and analysis, to writing up your findings. Here's a few quick stats to demonstrate the depth and breadth of "Audit Program for Active Directory and Domain Controllers":

Flow chart illustrates how documents guide you through the audit process

7 documents corresponding to evidence collection and controls testing for each level in Active Directory
77 different controls tests linked to each level of AD (e.g. Forests, Domains, OUs, Domain Controllers)
64 pages of the most detailed and informed audit program for Active Directory available

This audit program will help you collect as much information as possible from the network so you don't have to rely on interview questions, and learn how to efficiently determine which computers in the network should be reviewed.

Get the audit program:

Purchase from eStore
Get it free when you take Audit and Assessment of Active Directory training in On Demand, Interactive Format

Upcoming Webinars

Additional Resources

Active Directory

•	Frequently Asked Questions
•	Flowchart
•	Purchase

Follow @randyfsmith

About | Contact

Ultimate Windows Security is a division of Monterey Technology Group, Inc. ©2006-2012 Monterey Technology Group, Inc. All rights reserved.
Disclaimer: We do our best to provide quality information and expert commentary but use all information at your own risk.