Randy Franklin Smith's
Audit and Assessment of Active Directory Training
Overview
Auditing Active Directory is Different
Of all the technologies at an organization Active Directory is one of the most -
if not the most - important technologies to control and secure. However,
auditing Active Directory requires a unique methodology compared to auditing
other technologies.
Most databases, applications and operating systems allow you to collect evidence
and test controls on a system by system approach. But this does not work for
Active Directory. If you take the simple system by system approach to AD and
audit domain controllers (i.e. Active Directory servers) you will fail to test
many critical controls and you will waste effort re-testing many controls which
are duplicated between domain controllers.
Understanding AD Structure is Crucial
Any effective audit of Active Directory must be based on the architecture of AD
which includes Forests, Domains, Organizational Units, Domain Controllers and
Sites. There are different controls at each of these architectural component
levels that must be audited. In addition there are arcane relationships and
dynamics at work between each of these components that must be understood if you
are to recognize and test for the more obscure risks of AD that your IT
department may not even be aware of.
In this course I (Randy Franklin Smith) lead you through the Active Directory architecture and help
you understand how Forests, Domains, Organizational Units and Groups relate to
each other. After you understand the underlying technology, concepts and
interrelationships I show you how to audit AD. First I demonstrate how to scope
out an AD implementation starting from zero-knowledge, then how to identify
which forests, domains and OUs are relevant to the scope of your audit. Next you
learn exactly what evidence to collect from each level of the AD architecture
and then I lead you through each test to perform against that evidence.
This course is directly based on the methodology I follow when auditing AD
environments as a co-sourced consultant working with audit departments like yours.
Next: