Randy Franklin Smith's
Audit and Assessment of Active Directory Training

What You Will Learn

  • Forests, Trees, Domains, OUs, Sites
  • Relationship of Windows Server to Active Directory
  • Impact of AD risks on your organization's databases and applications
  • How to scope your Active Directory environment and plan your audit
  • Why domains are not a security boundary
  • Enforcing controls over all-powerful administrators
  • Why you have to audit the entire forest not just the application server
  • Exactly what evidence and interview questions to ask
  • Tools for speeding up your audit
  • The difference between OUs and groups
  • Why the entire forest - not just domain - must meet a common level of security
  • How to classify trust relationships and their potential risk
  • Why local accounts are bad for security
  • Best practices such as a verifiable way to control access to resources managed completely within AD
  • How to follow least privilege and segregation of duty within the IT department
  • How to isolate domain controllers from risk
  • How to protect physically insecure domain controllers at branch offices and why that's so important



Additional Resources