Monitoring changes in Active Directory with built-in tools
Tracking Down Attackers
Conclusions
Risk detected; risk averted. This common guiding principle also needs to be applied to managing Active Directory. Changes in AD can be monitored and documented with built-in tools. Although a well-configured monitoring policy cannot completely prevent attacks, if they are detected early, they can at least be contained. The built-in tools in Windows are all you need to acquire comprehensive information on what is happening on your network.
Infos
- Microsoft Security Compliance Toolkit 1.0: https://www.microsoft.com/en-us/download/details.aspx?id=55319
- Monitoring Active Directory: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
- Events to be monitored: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor