MIC01 - Automated deployment of a proven AD security model

• Understanding Windows System Security
• Understand attack techniques to better defend yourself
• Understanding the Active Directory Security Model
• Deploying the custom security model

DAY 1: AD security model, generalities and main vulnerabilities

Part 1 - Introduction :

• Introduction
• Tour de table
• Fundamental "system" concepts
  • Registry and hive files
  • Services
  • System" accounts
  • SAM base

Part 2 - Understanding attacks to better defend yourself :

• Presentation of two killchains
• Overview of the top 20 attacks targeting an Active Directory
• Presentation of vulnerable protocols

DAY 2 : Principle and application of Tiering

Part 3 - IS-wide Tiering:

• Overview of countermeasures to prevent AD attacks
• AD dependencies ⇋ Virtualization
• AD dependencies ⇋ network
• AD dependencies ⇋ Supervision
• AD dependencies ⇋ Backup

Part 4 - Tiering at the DA Level:

• State of the art of the model
• Presentation of each third party:
  • Organizational units
  • Administration groups
  • Administrators
  • Administration delegations
• Tiering Compliance:
  • Logical isolation (Containers)
  • Physical isolation (GPO)

DAY 3: Setting up the security model

Part 5 - Securing with the AD model :

• Local access:
  
  • LAPS presentation
  • Presentation of group strategies
• Administration stations
• Group policies

Part 6 - Configuring and Using the AD Security Model :

• Documentation: centralization of knowledge
• Customization
• The execution of the solution
• Receipt of deployment

Part 7 - Conclusion:

• Some feedbacks
• The security model roadmap

It is recommended to have a general culture related to the IT world
and to the stakes of IT security.

INTENDED PUBLIC:

• ISD
• CISO
• Design engineer
• Architect
• IT Team