Deploy and Configure Microsoft LAPS. Step by step guide and useful tips
|
|
- Lawrence Parsons
- 5 years ago
- Views:
Transcription
1 Deploy and Configure Microsoft LAPS Step by step guide and useful tips
2 2 Table of Contents Challenges today... 3 What is LAPS... 4 Emphasis and Tips... 5 How LAPS Work... 6 Components... 6 Prepare, Deploy and Configure LAPS... 8 Requirements... 8 Active Directory... 8 Windows OS Support (Client and Managed PC)... 8 Management tools... 8 Membership... 8 Deploy... 9 Install on Managed Server and Client... 9 Configure LAPS settings in Active Directory Update Active Directory Schema Configure Group Policy to enable and set the relevant policies Check Active Directory Schema and Extended Rights... 15
3 3 Challenges today Today credential theft is a major problem in the security landscape, matching local administrator passwords in an environment often contribute to that problem and are a popular target for attackers. Far more than zero days or malware, credentials are what allow attackers to be successful in your network. Hackers, incident responders, and penetration testers know that valid credential reuse is one of the most common real-world vulnerabilities in today s networks. Valid credential reuse dominates as the top vulnerability. Since Pass-the-Hash is such an integral part of hackers campaign, internal penetration testing and realworld incidents, we are taking a first look at how this security advisory addresses the underlying issues with Pass-the-Hash and how it affects hackers of all sorts, both good and evil. LAPS take a different approach. LAPS do not eliminate the ability to Pass the Hash, rather it reduces the impact of Pass-the-Hash by making each local administrator password unique. This effectively helps limit the attack after a single machine is compromised. Once an attacker gains access to a client workstation, they can no longer access every other workstation in the environment through the shared local admin account. LAPS are designed to run in a least privilege model. No need to put a service account into the domain admins to manage passwords, the password resets are done in the context of the computer/system. There s no additional server to install and the passwords are stored in Active Directory. This has led to some interesting discussion on the Internet, with some saying, that makes AD a clear target. Active Directory has always been a clear target for attackers and has always held golden keys that would allow an attacker to take complete control of an infrastructure. Domain Admin level compromise, the Golden Ticket post exploitation technique, etc. LAPS, just like many other security controls, should be part of a holistic solution. Just taking care of local administrator passwords is a great step and a massive reduction in overall attack surface, but without the other mitigating controls in an environment it s true that attackers will still be able to gain a foothold and compromise your entire network. Randomizing local passwords is just a step in a security strategy, but it s a necessary step which is now easy and free with LAPS.
4 4 What is LAPS The Local Administrator Password Solution provides a centralized storage of secrets passwords in Active Directory without additional computers. Each domain administrators determine which users, such as helpdesk admins, are authorized to read the passwords. For occasions when login is required without domain credentials, password management can become complex. LAPS simplify password management while helping customers implement recommended defenses against cyberattacks. It mitigates the risk of lateral escalation that results when customers have the same administrative local account and password combination on many computers. A lot of organizations will use the same local administrator password across all machines, which is a bad idea for many reasons. At a basic level, if this password is learnt, it allows anyone to install software as an administrator at a higher level it facilitates things such as pass the hash, MimiKatz and general reconnaissance against your machines (usually with the goal of elevating to Domain Admin). If you currently deploy your Local Administrator Account via Group Policy Preferences, this makes things even easier for an attacker to obtain the shared local administrator password. The cpassword value is easily searchable against SYSVOL and Microsoft provide the 32 byte AES key which can be used to decrypt the cpassword. So, what can we do? Local Administrator Password Solution! As you know this is Microsoft solution to managing Local Administrator account passwords across an organization. LAPS solution features include: Sets a unique randomly generated password PER machine Automatically change the Local Administrator Password Stores Local Administrator Passwords as an attribute in Active Directory Password is protected in AD Granular security model can be easily implemented Password is protected during the transport via Kerberos encryption Why use LAPS instead of other password managers or vaults? Other password managers typically require either, additional hardware, trusting a third party, or ad hoc practices LAPS provide a streamlined approach to: Periodically randomizing local administrator passwords Ensures password update to AD succeeds before modifying locally Centrally store secrets in existing infrastructure in Active Directory Control access via AD ACL permissions Transmit encrypted passwords from client to AD
5 5 Emphasis and Tips During the implementation It s important to pay attention to some points Delegation model and a workflow for using the passwords. If your ou structure isn t laid out based on policy boundaries, or if you don t already have well defined RBAC this can will be a challenge. Your workflow for accessing the passwords will dictate a lot of how you design the access. Do you plan to use the passwords sometimes? you want to block attackers? LAPS only randomize one local account password. By default, it randomizes the built-in admin account (the one with 500 SID account) and discovers it by well-known SID. A different local account can be specified via GPO, but remember that it can discovered by name. Embrace the 500 SID account the 500 SID account is always there, always an admin and always something you can re- and LAPS will always find it and manage it. Local accounts are tricky to manage, and you need to manage with Local Account principle. The strategy is to have one local administrator account the built-in one! Make LAPS part of your larger Credential Theft Mitigation strategy Implement the best practice steps in the Pass the Hash documentation, use Restricted Groups to be authoritative on who is an admin, deny Local Accounts access over the network and manage machines in secure way. Monitor local accounts creation These are indicators of compromise and the successful logon of the local administrator account is a far more accurate metric of danger than auditing access to the password in many organizations. Monitor for Lateral Movement Stopping Lateral Account Movement from stolen credentials and preventing the attacker wandering unfettered around your network is the thing that would have made the Incident Responses I ve been to this year less of an Incident. Reset Password and Technician side Since ms-mcs-adminpwd only stores one password, some customers have expressed concerns for what this means for a system restored from backup. The supported scenario there would be to reset the password with a supported tool such as DART. LAPS and Password Expiration By enable the password expiration with higher value and with LAPS there will be a conflict because LAPS will thing that you mean to other values. Auditing To audit LAPS you need to work with Windows Event Forwarding which means that need access and tracked via AD Attribute logging and event So, the meaning is a lot of events.
6 6 Access LAPS and Settings Access to the password is allowed via control access right on the attribute. Control access is an extended right in Active Directory, which means if admin granted for extended permissions he will view all password therefore LAPS includes the Find-AdmPwdExtendedrights cmdlet to track who has those permissions. LAPS and Plain Text LAPS stored in a Plain Text therefore the LAPS settings must to be with stronger ACLs and restrict access to irrelevant admins. How LAPS Work The LAPS process 1. Machine with LAPS queries Group Policy and receives the LAPS policy settings defined above 2. Machine queries ms-mcs-admpwdexpirationtime, if not set, or expired it will generate a new password and set this locally and securely write this value to the mc-mcs-admpwd attribute in Active Directory 3. Password is now set locally, stored in Active Directory and is ready for use 4. The LAPS CSE will query this value on each Group Policy update, when the ms-mcs- AdmPwdExpirationTime is met, or the attribute is not set it will re-generate a new password 5. If machine cannot contact Active Directory, no changes are made Components Agent - Group Policy Client-Side Extension that installed via MSI o Event logging o Random password generation - written from client computer to AD computer object PowerShell module o Solution configuration Active Directory Centralized Control o Audit in security log of Domain Controller o Computer object and confidential attribute Solution automatically manages the with X500 account password on domain joined computers, so the password must to be: Unique on each managed computer Randomly generated Stored in existing AD infrastructure Solution is built upon AD infrastructure, so there is no need to install and support other technologies.
7 7 Solution itself is a Group Policy Client-Side Extension that is installed on managed machines and performs all management tasks Management tools delivered with the solution allow for easy configuration and administration. Core of the solution is GPO Client-Side Extension that performs the following tasks during GPO update: Checks whether the password of local Administrator account has expired or not Generates the new password when old password expired or is required to be changed Changes the password of Administrator account Reports the password to password Active Directory, storing it in confidential attribute with computer account in Active Directory Password then can be read from AD by users who can do so Password can be forced to be changed by eligible users
8 8 Prepare, Deploy and Configure LAPS The first step is to check the if the environment is compatible with LAPS, the requirement is on Active Directory level and Client level. Requirements Active Directory Forest Level based on Windows Server 2003 and higher Domain Level based on Windows Server 2003 and higher FSMO configured on Windows Server 2003 SP1 and higher Managed DC based on Windows 2003 SP1 and higher RODC installed in the environment and must have the value of the attribute ms-mcs-admpwd *Itanium-based machines are not supported Windows OS Support (Client and Managed PC) Windows Server 2016 Windows Server 2012 R2 (Datacenter, Standard, Essentials, Foundation) Windows 8.1 (Enterprise, Pro) Windows Server 2012 (Datacenter, Standard, Essentials, Foundation) Windows 8 (Enterprise, Pro) Windows Server 2008 R2 Service Pack 1 Windows 7 Service Pack 1 Windows Server 2008 Service Pack 2 Windows Vista Service Pack 2 Microsoft Windows Server 2003 Service Pack 2 *Itanium NOT supported Management tools.net Framework 4.0 PowerShell 2.0 or above Membership The Admin member that run the schema update must be part of Schema Admins
9 9 Deploy Now that we prepared and have all requirements we can continue to next step and to prepare the Active Directory, configure policies, deploy client and configure all other settings. LAPS deployment can be divided into few steps: 1. Installs LAPS on management machine 2. Configure LAPS settings in Active Directory 3. Deploying LAPS client to those machines you wish to manage 4. Configure Group Policy to enable and set the relevant policies 5. Configure post settings 6. Perform simulation attack on client pc Install on Managed Server and Client First, we need to download and install the LAPS that includes the PowerShell module, Group policy template on management pc or server, download both 64 bit and 32 bit versions from Microsoft official site Local Administrator Password Solution (LAPS)
10 10 Configure LAPS settings in Active Directory Update Active Directory Schema LAPS PowerShell commands Now that we ve the relevant PowerShell command we can update the schema on Active Directory from the AdmPwd module Now let s check that we ve the relevant PowerShell command with: Get-Command *admpwd* And Get-Command *admpwd* GM
11 11 Now that we know what commands are available to use, we should update the schema so our computer account objects have the required attributes. Import AdmPwd Module with the following command: Import-Module admpwd.ps Update Active Directory Schema Update Active Directory Schema with the following command: Update-AdmPwdADSchema -Verbose The AD Schema extended includes few changes: Admin account to manage will member of Schema Admins Active Directory group extended by two new attributes o ms-mcs-admpwd that stores the password in clear text o ms-mcs-admpwdexpirationtime that stores the time to reset the password Grant Permission to Objects Grant computers the ability to update their password attribute using the Set- AdmPwdComputerSelfPermission command below Set-AdmPwdComputerSelfPermission -OrgUnit "OU=AllComputers,DC=LAB,DC=Local Note: AdmPwdComputerSelfPermission delegate rights allow the computer object to write to the ms- MCS-AdmPwd and ms-mcs-admpwdexpirationtime attributes.
12 12 Removing the extended rights You must restrict the ability to view the password and remove All extended rights from users and groups that are not allowed to read the value of attribute ms-mcs-admpwd Grant Permissions to Specific Admin group To grant permissions for users to allow them to retrieve a computers password right the command below: Set-AdmPwdReadPasswordPermission -OrgUnit "OU=AllComputers,DC=LAB,DC=Local - AllowedPrincipals "Domain Admins" Set-AdmPwdResetPasswordPermission -OrgUnit "OU=AllComputers,DC=LAB,DC=Local - AllowedPrincipals "Domain Admins"
13 13 Configure Group Policy to enable and set the relevant policies Once we prepare and set all configuration in Active Directory, objects and permission we need to prepare LAPS policy with specific settings on Group Policy. Password Settings This is where you ll choose your password policy. The default is complex passwords, 14 chars and a password age of 30 days. Password Settings The default is complex passwords; 14 chars and a password age of 30 days and machines will automatically change their password when this is met.
14 14 Enable local admin password management Enables management of password for local administrator account Do not allow password expiration time longer than required by policy Planned password expiration longer than password age dictated by Password Settings policy is NOT allowed. When such expiration is detected, password is changed immediately, and password expiration is set according to policy.
15 15 Check Active Directory Schema and Extended Rights Quick report to see all of the accounts and groups with this permission Get-ADOrganizationalUnit -Filter * Find-AdmPwdExtendedRights -PipelineVariable OU ForEach{$_.ExtendedRightHolders ForEach{[pscustomobject]@{OU=$Ou.ObjectDN Object = $_ } } } Another way to look at the settings before it configured is to run the following command: Get-AdmPwdPassword -ComputerName ESLAB-CL01 fl From ADUC we can check the Computer object attribute
Bart
Bart Bultinck bart@integreat.be @evilbart LAPS Local Admin Password Solution Microsoft Security Advisory - 3062591 MICROSOFT SECURITY ADVISORY 3062591 1 may 2015 BAD HABITS Bad habits: Excessive alcohol
More informationInstallation of LAPS Password Management Demo Deployment
Installation of LAPS Password Management Demo Deployment Version: 1.0 Last Modified: 2017.11.2 Installation The content of this document is property of Omni Technology Solutions, Inc. All Rights Reserved.
More informationComputers Gone Rogue. Abusing Computer Accounts to Gain Control in an Active Directory Environment. Marina Simakov & Itai Grady
Computers Gone Rogue Abusing Computer Accounts to Gain Control in an Active Directory Environment Marina Simakov & Itai Grady Motivation Credentials are a high value target for attackers No need for 0-day
More information10 Active Directory Misconfigurations That Lead to Total Compromise Austin, TX 201 W 5th St.
10 Active Directory Misconfigurations That Lead to Total Compromise hello@javelin-networks.com +1-888-867-5179 Austin, TX 201 W 5th St. 1. Group Policy Preferences Visible Passwords Group Policy Preferences
More informationMicrosoft - Configuring Windows Server 2008 Active Directory Domain Services (M6425)
Microsoft - Configuring Windows Server 2008 Active Directory Domain Services (M6425) Code: 6123 Lengt h: URL: 5 days View Online In this comprehensive course you will not only discuss the crucial concepts
More informationDesigning and Operating a Secure Active Directory.
Designing and Operating a Secure Active Directory Introduction Gil Kirkpatrick, CTO, NetPro Architect of NetPro Active Directory products Author of Active Directory Programming from SAMS Founder of the
More information7 EASY ATTACKS AGAINST ACTIVE DIRECTORY
NEW TITLE: 7 EASY ATTACKS AGAINST ACTIVE DIRECTORY And How to Prevent Them Through Good Practices and a Little Group Policy ABOUT ME Kevin McBride Security Specialist at Meridian Credit Union 12 years
More informationAdvanced Security Measures for Clients and Servers
Advanced Security Measures for Clients and Servers Wayne Harris MCSE Senior Consultant Certified Security Solutions Importance of Active Directory Security Active Directory creates a more secure network
More informationCISNTWK-11. Microsoft Network Server. Chapter 4
CISNTWK-11 Microsoft Network Server Chapter 4 User and Group Accounts 1 Usage Notes Throughout these slides, the term Active Directory Domain implies Domains Based on Windows Server 2008 Based on Windows
More informationActive Directory Attacks and Detection
Active Directory Attacks and Detection #Whoami Working as an Information Security Executive Blog : www.akijosberryblog.wordpress.com You can follow me on Twitter: @AkiJos This talk is Based on Tim Madin
More informationThe Common Access Card The problems it solves (and the ones it doesn t) Quest Software/One Identity Dan Conrad Federal CTO
The Common Access Card The problems it solves (and the ones it doesn t) Quest Software/One Identity Dan Conrad Federal CTO 1 Disclaimer The views expressed in this presentation are those of the author(s)
More informationInstall and Configure Active Directory Domain Services
Active Directory 101 Install and Configure Active Directory Domain Services Sander Berkouwer CTO at SCCT 10-fold Microsoft MVP Active Directory aficionado Daniel Goater Systems Engineer Netwrix Active
More informationPass-the-Hash Attacks
Pass-the-Hash Attacks Mgr. Michael Grafnetter www.dsinternals.com Agenda PtH Attack Anatomy Mitigation Proactive Reactive Windows 10 + Windows Server 2016 Microsoft Advanced Threat Analytics PtH Attack
More informationPremediation. The Art of Proactive Remediation. Matthew McWhirt, Senior Manager Manfred Erjak, Principal Consultant OCTOBER 1 4, 2018 WASHINGTON, D.C.
Premediation The Art of Proactive Remediation Matthew McWhirt, Senior Manager Manfred Erjak, Principal Consultant OCTOBER 1 4, 2018 WASHINGTON, D.C. Overview Case Study Remediation Overview Premediation
More information70-742: Identity in Windows Server Course Overview
70-742: Identity in Windows Server 2016 Course Overview This course provides students with the knowledge and skills to install and configure domain controllers, manage Active Directory objects, secure
More informationConfiguring and Troubleshooting Windows Server 2008 Active Directory Domain Services
6425 - Configuring and Troubleshooting Windows Server 2008 Active Directory Domain Services Duration: 5 days Course Price: $2,975 Software Assurance Eligible Course Description Microsoft Windows Server
More informationServer : Manage and Administer 3 1 x
Server : Manage and Administer 3 1 x Revised 2016/05/17 TestOut Server Pro: Manage and Administer English 3.1.x Videos: 56 (4:25:22) Demonstrations: 87 (10:14:13) Simulations: 63 Written Lessons: 72 Section
More informationMOVE BEYOND GPO FOR NEXT-LEVEL PRIVILEGE MANAGEMENT
MOVE BEYOND GPO FOR NEXT-LEVEL PRIVILEGE MANAGEMENT DON T USE A HAMMER MOVE BEYOND GPO FOR NEXT-LEVEL TO TURN A SCREW PRIVILEGE MANAGEMENT The first stage of privilege management Most organizations with
More informationSecurity Fundamentals for your Privileged Account Security Deployment
Security Fundamentals for your Privileged Account Security Deployment February 2016 Copyright 1999-2016 CyberArk Software Ltd. All rights reserved. CAVSEC-PASSF-0216 Compromising privileged accounts is
More informationCOPYRIGHTED MATERIAL. Contents. Part I: The Basics in Depth 1. Chapter 1: Windows Attacks 3. Chapter 2: Conventional and Unconventional Defenses 51
Acknowledgments Introduction Part I: The Basics in Depth 1 Chapter 1: Windows Attacks 3 Attack Classes 3 Automated versus Dedicated Attacker 4 Remote versus Local 7 Types of Attacks 8 Dedicated Manual
More informationWindows Server Security Guide
Windows Server Security Guide August 2017 Contents Windows Server 2016 Security Guide... 3 Why is Windows Server 2016 security important?... 3 How does Windows Server 2016 help prevent and detect compromise?...
More informationNetIQ Advanced Authentication Framework. Deployment Guide. Version 5.1.0
NetIQ Advanced Authentication Framework Deployment Guide Version 5.1.0 Table of Contents 1 Table of Contents 2 Introduction 3 About This Document 3 NetIQ Advanced Authentication Framework Deployment 4
More informationMicrosoft Exam
Volume: 59 Questions Question: 1 Your network contains an Active Directory forest named contoso.com. The forest functional level is Windows Server 2012. All servers run Windows Server 2016. You create
More informationDetecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC
Detecting Lateral Movement in APTs ~Analysis Approach on Windows Event Logs~ June 17, 2016 Shingo ABE ICS security Response Group JPCERT/CC Agenda Introduction to JPCERT/CC About system-wide intrusions
More informationJoe Stocker, CISSP, MCITP, VTSP Patriot Consulting
Joe Stocker, CISSP, MCITP, VTSP Patriot Consulting Microsoft Cloud Evangelist at Patriot Consulting Principal Systems Architect with 17 Years of experience Technical certifications: MCSE, MCITP Office
More informationExtend Your Server 2003 Active Directory Schema For Windows 7 And Server 2008
Extend Your Server 2003 Active Directory Schema For Windows 7 And Server 2008 When you are using Windows Server 2003 or Windows Server 2008 32bit Active Directory promotion wizard automatically extend
More informationAre You Avoiding These Top 10 File Transfer Risks?
Are You Avoiding These Top 10 File Transfer Risks? 1. 2. 3. 4. Today s Agenda Introduction 10 Common File Transfer Risks Brief GoAnywhere MFT Overview Question & Answer HelpSystems Corporate Overview.
More informationVMware vcloud Air SOC 1 Control Matrix
VMware vcloud Air SOC 1 Control Objectives/Activities Matrix VMware vcloud Air goes to great lengths to ensure the security and availability of vcloud Air services. In this effort, we have undergone a
More informationWindows Server 2008 Active Directory Resource Kit
Windows Server 2008 Active Directory Resource Kit Stan Reimer, Mike Mulcare, Conan Kezema, Byron Wright w MS AD Team PREVIEW CONTENT This excerpt contains uncorrected manuscript from an upcoming Microsoft
More informationMANAGING LOCAL AUTHENTICATION IN WINDOWS
MANAGING LOCAL AUTHENTICATION IN WINDOWS Credentials Manager Windows OS has a set of tools that help remedy some of the authentication challenges. For example, the Credential Manager in Windows 7 and newer
More informationWindows 10 Security & Audit
Windows 10 Security & Audit John Tannahill, CA, CISM, CGEIT, CRISC, CSX-P jtannahi@rogers.com Windows 10 Editions Home Pro Enterprise Education Mobile IoT Editions 1 Windows 10 Builds Windows 10 (initial
More informationIdentity & Access Management
Identity & Access Management THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY WITHOUT COMPROMISING SECURITY? S E C U R I T Y OR P R O D U C T I V I T Y On-premises THE PROBLEM: HOW DO WE ENABLE PRODUCTIVITY
More informationSecuring Privileged Access Securing High Value Assets Datacenter Security Information Protection Information Worker and Device Protection
Securing Privileged Access Securing High Value Assets Datacenter Security Information Protection Information Worker and Device Protection Azure Active Directory 3 rd Party IaaS IaaS Rights Management Services
More informationPass-the-Hash Attacks. Michael Grafnetter
Pass-the-Hash Attacks Michael Grafnetter www.dsinternals.com Agenda PtH Attack Anatomy Mitigation Proactive Reactive Windows 10 + Windows Server 2016 PtH History and Future 1988 Microsoft releases Lan
More informationEndpoint Protection with DigitalPersona Pro
DigitalPersona Product Brief Endpoint Protection with DigitalPersona Pro An introductory technical overview to DigitalPersona s suite for Access Management, Data Protection and Secure Communication. April
More informationIdentity with Windows Server 2016 (742)
Identity with Windows Server 2016 (742) Install and Configure Active Directory Domain Services (AD DS) Install and configure domain controllers This objective may include but is not limited to: Install
More informationRadius, LDAP, Radius, Kerberos used in Authenticating Users
CSCD 303 Lecture 5 Fall 2018 Radius, LDAP, Radius, Kerberos used in Authenticating Users Kerberos Authentication and Authorization Previously Said that identification, authentication and authorization
More informationActive Directory Attacks and Detection
Active Directory Attacks and Detection #Whoami Working as an Information Security Executive Blog : www.akijosberryblog.wordpress.com You can follow me on Twitter: @AkiJos Lab Setup AJLAB.COM: 2 Domain
More informationSecuring Windows Server 2016
Course 20744C: Securing Windows Server 2016 Page 1 of 7 Securing Windows Server 2016 Course 20744C: 4 days; Instructor-Led Introduction This four-day, instructor-led course teaches IT professionals how
More informationmicrosoft. Number: Passing Score: 800 Time Limit: 120 min.
70-744 microsoft Number: 70-744 Passing Score: 800 Time Limit: 120 min Exam A QUESTION 1 This question is part of a series of question that use the same or similar answer choices. Your network contains
More informationIMPLEMENTING MICROSOFT CREDENTIAL GUARD FOR ISO 27001, PCI, AND FEDRAMP
IMPLEMENTING MICROSOFT CREDENTIAL GUARD FOR ISO 27001, PCI, AND FEDRAMP North America Latin America Europe 877.224.8077 info@coalfire.com coalfire.com Coalfire sm and CoalfireOne sm are registered service
More informationWindows Server 2003 Network Administration Goals
Objectives Differentiate between the different editions of Windows Server 2003 Explain Windows Server 2003 network models and server roles Identify concepts relating to Windows Server 2003 network management
More informationMicrosoft Designing and Implementing a Server Infrastructure. Download Full Version :
Microsoft 70-413 Designing and Implementing a Server Infrastructure Download Full Version : http://killexams.com/pass4sure/exam-detail/70-413 Explanation: Invoke-IpamGpoProvisioning Creates and links group
More information8 Administering Groups
8 Administering Groups Exam Objectives in this Chapter: Plan a security group hierarchy based on delegation requirements. Plan a security group strategy. Why This Chapter Matters As an administrator, you
More informationADSelfService Plus' Password Policy Enforcer. Active Directory Group Policy Object-based password policy
Comparison Document ADSelfService Plus' Password Policy Enforcer Vs Active Directory Group Policy Object-based password policy Vs Active Directory Fine-grained password policies Passwords are the first
More informationSecuring Active Directory Administration
Securing Active Directory Administration April 18, 2019 Sponsored by @BlackHatEvents / #BlackHatWebcasts Agenda On-Prem AD vs Azure AD Evolution of Administration Exploiting Typical Administration Methods
More informationWHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution
WHITE PAPER Cloud FastPath: A Highly Secure Data Transfer Solution Tervela helps companies move large volumes of sensitive data safely and securely over network distances great and small. We have been
More informationMay 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations
May 14, 2018 1:30PM to 2:30PM CST In Plain English: Cybersecurity and IT Exam Expectations Options to Join Webinar and audio Click on the link: https://www.webcaster4.com/webcast/page/584/24606 Choose
More informationDigitalPersona Pro Enterprise
DigitalPersona Pro Enterprise Quick Start Guide Version 5 DATA PROTECTION REMOTE ACCESS SECURE COMMUNICATION STRONG AUTHENTICATION ACCESS RECOVERY SINGLE SIGN-ON DigitalPersona Pro Enterprise DigitalPersona
More informationExam Questions
Exam Questions 70-685 Pro: Windows 7, Enterprise Desktop Support Technician https://www.2passeasy.com/dumps/70-685/ 1.Portable computer users report that they can use Internet Explorer to browse Internet
More informationRastaLabs Red Team Simulation Lab
RastaLabs Red Team Simulation Lab LAB OUTLINE Description RastaLabs is a virtual Red Team Simulation environment, designed to be attacked as a means of learning and honing your engagement skills. The focus
More informationACTIVE DIRECTORY DOMAIN STIG REVISION HISTORY. Version 2, Release January Developed by DISA for the DoD
ACTIVE DIRECTORY DOMAIN STIG Version 2, Release 8 27 January 2017 Developed by for the DoD Active History, V2R8 V2R8 V2R7 - V-8548 - Removed Enterprise and Domain Admins - accounted for in other requirements.
More informationNetIQ Advanced Authentication Framework. Deployment Guide. Version 5.1.0
NetIQ Advanced Authentication Framework Deployment Guide Version 5.1.0 Table of Contents 1 Table of Contents 2 Introduction 3 About This Document 3 NetIQ Advanced Authentication Framework Deployment 4
More informationTestOut Server Pro 2016: Identity - English 4.0.x LESSON PLAN. Revised
TestOut Server Pro 2016: Identity - English 4.0.x LESSON PLAN Revised 2018-08-06 Table of Contents Introduction Section 0.1: Server Pro 2016: Identity Introduction... 4 Section 0.2: The TestOut Lab Simulator...
More informationSQL Server Solutions GETTING STARTED WITH. SQL Secure
SQL Server Solutions GETTING STARTED WITH SQL Secure Purpose of this document This document is intended to be a helpful guide to installing, using, and getting the most value from the Idera SQL Secure
More informationMicrosoft Windows Server 2008 Functionality Changes. Powered by Microsoft TechNet
Microsoft Windows Server 2008 Functionality Changes Powered by Microsoft TechNet 2 Table of Contents Chapter 1 New in Active Directory Certificate Services... 3 Chapter 2 What's New in Active Directory
More informationConfiguring and Troubleshooting Windows Server 2008 Active Directory Domain Services (Course 6425A)
Duration Five days Introduction This five-day instructor-led course provides to teach Active Directory Technology Specialists with the knowledge and skills to configure in a distributed environment, implement
More informationICS Security Monitoring
ICS Security Monitoring INFRASTRUCTURE MINING & METALS NUCLEAR, SECURITY & ENVIRONMENTAL OIL, GAS & CHEMICALS Moses Schwartz Security Engineer Computer Incident Response Team Bechtel Corporation State
More information"Charting the Course... MOC C: Securing Windows Server Course Summary
Course Summary Description This five-day, instructor-led course teaches IT professionals how they can enhance the security of the IT infrastructure that they administer. This course begins by emphasizing
More informationProtect Your Application with Secure Coding Practices. Barrie Dempster & Jason Foy JAM306 February 6, 2013
Protect Your Application with Secure Coding Practices Barrie Dempster & Jason Foy JAM306 February 6, 2013 BlackBerry Security Team Approximately 120 people work within the BlackBerry Security Team Security
More informationPROPOSAL OF WINDOWS NETWORK
PROPOSAL OF WINDOWS NETWORK By: Class: CMIT 370 Administering Windows Servers Author: Rev: 1.0 Date: 01.07.2017 Page 1 of 10 OVERVIEW This is a proposal for Ear Dynamics to integrate a Windows Network
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationActive Directory Attacks and Detection Part -II
Active Directory Attacks and Detection Part -II #Whoami Working as an Information Security Executive Blog : www.akijosberryblog.wordpress.com You can follow me on Twitter: @AkiJos Key Takeaways How to
More informationProtecting Against Modern Attacks. Protection Against Modern Attack Vectors
Protecting Against Modern Attacks Protection Against Modern Attack Vectors CYBER SECURITY IS A CEO ISSUE. - M C K I N S E Y $4.0M 81% >300K 87% is the average cost of a data breach per incident. of breaches
More informationInstallation Guide. . All right reserved. For more information about Specops Password Policy and other Specops products, visit
. All right reserved. For more information about Specops Password Policy and other Specops products, visit www.specopssoft.com Copyright and Trademarks Specops Password Policy is a trademark owned by Specops
More informationmicrosoft. Number: Passing Score: 800 Time Limit: 120 min.
70-744 microsoft Number: 70-744 Passing Score: 800 Time Limit: 120 min Exam A QUESTION 1 This question is part of a series of question that use the same or similar answer choices. Your network contains
More informationManaging Group Policy application and infrastructure
CHAPTER 5 Managing Group Policy application and infrastructure There is far more to managing Group Policy than knowing the location of specific policy items. After your environment has more than a couple
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 7 Access Control Fundamentals
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 7 Access Control Fundamentals Objectives Define access control and list the four access control models Describe logical access control
More informationMoving from Reactive to Proactive Security. Sami Laiho Adminize / Intility Senior Technical Fellow, MVP April 28 th New-York City
Moving from Reactive to Proactive Security Sami Laiho Adminize / Intility Senior Technical Fellow, MVP April 28 th New-York City Thanks to our Organizers! Tome Tanasovski PowerShell MVP Blog: http://powertoe.wordpress.com/
More information3 ways of supporting a group of computers. Machine by machine Centrally structured Centrally managed (AD/Novell)
3 ways of supporting a group of computers Machine by machine Centrally structured Centrally managed (AD/Novell) Pre-reqs for Remote/Central Administration list of machines NT based OS Known Account w/
More informationCIS Top 20 #5. Controlled Use of Administrative Privileges
CIS Top 20 #5 Controlled Use of Administrative Privileges CIS CSC #5: Controlled use of administrative privileges What is a privileged Account? Why are they Dangerous? What can we do about it? How
More informationMCSA Windows Server 2012
MCSA Windows Server 2012 This Training Program prepares and enables learners to Pass Microsoft MCSA: Windows Server 2012 exams 1. MCSA: Windows Server 2012 / 70-410 Exam (Installing and Configuring Windows
More informationCourse Outline 20742B
Course Outline 20742B Module 1: Installing and configuring domain controllers This module describes the features of AD DS and how to install domain controllers (DCs). It also covers the considerations
More informationthe SWIFT Customer Security
TECH BRIEF Mapping BeyondTrust Solutions to the SWIFT Customer Security Controls Framework Privileged Access Management and Vulnerability Management Table of ContentsTable of Contents... 2 Purpose of This
More informationOverview. Audience Profile. Module Title : 20410DC -Installing and Configuring Windows Server Course Outline :: 20410DC::
Module Title : 20410DC -Installing and Configuring Windows Server 2012 Duration : 5 days Overview Get hands-on instruction and practice installing and configuring Windows Server 2012, including Windows
More informationCritical Hygiene for Preventing Major Breaches
SESSION ID: CXO-F02 Critical Hygiene for Preventing Major Breaches Jonathan Trull Microsoft Enterprise Cybersecurity Group @jonathantrull Tony Sager Center for Internet Security @CISecurity Mark Simos
More information70-647: Windows Server Enterprise Administration Course 01 Planning for Active Directory
70-647: Windows Server Enterprise Administration Course 01 Planning for Active Directory Slide 1 Course 1 Planning for Active Directory Planning the Domains and Forest Structure Planning for Sites and
More informationMU2b Authentication, Authorization and Accounting Questions Set 2
MU2b Authentication, Authorization and Accounting Questions Set 2 1. You enable the audit of successful and failed policy changes. Where can you view entries related to policy change attempts? Lesson 2
More informationCourse 20410D: Installing and Configuring Windows Server 2012
Sales 406/256-5700 Support 406/252-4959 Fax 406/256-0201 Evergreen Center North 1501 14 th St West, Suite 201 Billings, MT 59102 Course 20410D: Installing and Configuring Windows Server 2012 Course Specifications
More informationTraining: Hardening Microsoft Environments
Training: Hardening Microsoft Environments Date of the training: March 12-13,2018 in Heidelberg, Germany Book Now using the voucher code: TR18HMTSEB and save an additional 5% of the current valid rate
More informationAttacking and Defending Active Directory July, 2017
Attacking and Defending Active Directory July, 2017 About: Adam Steed - @aboy 20 years of experience in IAM, working for financial, websites, and healthcare organizations Associate Director Protiviti Security
More informationSecure Application Development. OWASP September 28, The OWASP Foundation
Secure Application Development September 28, 2011 Rohini Sulatycki Senior Security Consultant Trustwave rsulatycki@trustwave.com Copyright The Foundation Permission is granted to copy, distribute and/or
More informationNetwork Security Essentials
Network Security Essentials Fifth Edition by William Stallings Chapter 4 Key Distribution and User Authentication No Singhalese, whether man or woman, would venture out of the house without a bunch of
More informationManaging Group Policy application and infrastructure
CHAPTER 5 Managing Group Policy application and infrastructure There is far more to managing Group Policy than knowing the location of specific policy items. After your environment has more than a couple
More informationRequired privileges and permissions
Required privileges and permissions Table of contents Document summary ADSelfService Plus overview Required permissions Configuring permissions To delegate full control in ADUC to access all ADSelfService
More informationFuture Forests: Realistic Strategies for AD Security & Red Forest Architecture
SESSION ID: STR-R02 Future Forests: Realistic Strategies for AD Security & Red Forest Architecture Katie Knowles Security Consultant MWR InfoSecurity @_sigil Introduction: Why AD Matters How AD is Targeted
More informationA GUIDE TO CYBERSECURITY METRICS YOUR VENDORS (AND YOU) SHOULD BE WATCHING
A GUIDE TO 12 CYBERSECURITY METRICS YOUR VENDORS (AND YOU) SHOULD BE WATCHING There is a major difference between perceived and actual security. Perceived security is what you believe to be in place at
More informationConfiguring, Managing, and Maintaining Windows Server 2008 R2 Servers
Configuring, Managing, and Maintaining Windows Server 2008 R2 Servers Course 6419B - Five Days - Instructor-led - Hands on Introduction This five-day instructor-led course provides students with the knowledge
More informationManaging the Risk of Privileged Accounts and Passwords
Managing the Risk of Privileged Accounts and Passwords Definition: Privileged Account Privileged Management Obviously accounts with special or elevated permissions Windows Every workstation and server
More informationDuration: 5 Days Course Code: M20764 Version: B Delivery Method: Elearning (Self-paced)
Administering a SQL Database Infrastructure Duration: 5 Days Course Code: M20764 Version: B Delivery Method: Elearning (Self-paced) Overview: This five-day instructor-led course provides students who administer
More informationWho am I? Identity Product Group, CXP Team. Premier Field Engineer. SANS STI Student GWAPT, GCIA, GCIH, GCWN, GMOB
@markmorow Who am I? Identity Product Group, CXP Team Premier Field Engineer SANS STI Student GWAPT, GCIA, GCIH, GCWN, GMOB Active Directory Domain Services On-premises App Server Validate credentials
More informationTestOut Server Pro 2016: Install and Storage English 4.0.x LESSON PLAN. Revised
TestOut Server Pro 2016: Install and Storage English 4.0.x LESSON PLAN Revised 2018-01-30 2 Table of Contents Introduction Section 1.1: Windows as a Server... 5 Section 1.2: Windows Server 2012 Interface
More informationPCI DSS Compliance. White Paper Parallels Remote Application Server
PCI DSS Compliance White Paper Parallels Remote Application Server Table of Contents Introduction... 3 What Is PCI DSS?... 3 Why Businesses Need to Be PCI DSS Compliant... 3 What Is Parallels RAS?... 3
More informationSecuring Privileged Access and the SWIFT Customer Security Controls Framework (CSCF)
Securing Privileged Access and the SWIFT Customer Security Controls Framework (CSCF) A Guide to Leveraging Privileged Account Security to Assist with SWIFT CSCF Compliance Table of Contents Executive Summary...
More informationDIGIPASS Authentication for F5 BIG-IP
DIGIPASS Authentication for F5 BIG-IP With VASCO VACMAN Middleware 3.0 2008 VASCO Data Security. All rights reserved. Page 1 of 37 Integration Guideline Disclaimer Disclaimer of Warranties and Limitations
More informationPassword Reset Utility. Configuration
Password Reset Utility Configuration 1 Table of Contents 1. Uninstalling Legacy Password Reset... 2 2. Password Reset Utility: How to deploy and configure via Group Policy... 2 3. Configuring Group Policy
More informationIntroduction to Ethical Hacking. Chapter 1
Introduction to Ethical Hacking Chapter 1 Definition of a Penetration Tester Sometimes called ethical hackers though label is less preferred Pen testers are: People who assess security of a target Specially
More informationCS 356 Operating System Security. Fall 2013
CS 356 Operating System Security Fall 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control Lists Chapter 5 Database
More informationIdentity with Microsoft Windows Server 2016 (MS-20742)
Identity with Microsoft Windows Server 2016 (MS-20742) Modality: Virtual Classroom Duration: 5 Days SATV Value: 5 Days SUBSCRIPTION: Master, Premium About this course Windows Server vnext, which we now
More informationMicrosoft Official Course
Microsoft Official Course Module 1 Deploying and Managing Microsoft Exchange Server 2013 Module Overview Exchange Server 2013 Prerequisites and Requirements Exchange Server 2013 Deployment Managing Exchange
More information