Randy Franklin Smith's
Audit and Assessment of Active Directory Training


Auditing Active Directory is Different

Of all the technologies at an organization Active Directory is one of the most - if not the most - important technologies to control and secure. However, auditing Active Directory requires a unique methodology compared to auditing other technologies.

Most databases, applications and operating systems allow you to collect evidence and test controls on a system by system approach. But this does not work for Active Directory. If you take the simple system by system approach to AD and audit domain controllers (i.e. Active Directory servers) you will fail to test many critical controls and you will waste effort re-testing many controls which are duplicated between domain controllers.

Understanding AD Structure is Crucial

Any effective audit of Active Directory must be based on the architecture of AD which includes Forests, Domains, Organizational Units, Domain Controllers and Sites. There are different controls at each of these architectural component levels that must be audited. In addition there are arcane relationships and dynamics at work between each of these components that must be understood if you are to recognize and test for the more obscure risks of AD that your IT department may not even be aware of.

In this course I (Randy Franklin Smith) lead you through the Active Directory architecture and help you understand how Forests, Domains, Organizational Units and Groups relate to each other. After you understand the underlying technology, concepts and interrelationships I show you how to audit AD. First I demonstrate how to scope out an AD implementation starting from zero-knowledge, then how to identify which forests, domains and OUs are relevant to the scope of your audit. Next you learn exactly what evidence to collect from each level of the AD architecture and then I lead you through each test to perform against that evidence.

This course is directly based on the methodology I follow when auditing AD environments as a co-sourced consultant working with audit departments like yours.



Additional Resources
    Audit and Assessment of Active Directory