« Previous 1 2
Monitoring changes in Active Directory with built-in tools
Tracking Down Attackers
Conclusions
Risk detected; risk averted. This common guiding principle also needs to be applied to managing Active Directory. Changes in AD can be monitored and documented with built-in tools. Although a well-configured monitoring policy cannot completely prevent attacks, if they are detected early, they can at least be contained. The built-in tools in Windows are all you need to acquire comprehensive information on what is happening on your network.
Infos
- Microsoft Security Compliance Toolkit 1.0: https://www.microsoft.com/en-us/download/details.aspx?id=55319
- Monitoring Active Directory: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/monitoring-active-directory-for-signs-of-compromise
- Events to be monitored: https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/plan/appendix-l--events-to-monitor
« Previous 1 2
Buy this article as PDF
Express-Checkout as PDF
Price $2.95
(incl. VAT)
(incl. VAT)
Buy ADMIN Magazine
TABLET & SMARTPHONE APPS
US / Canada
UK / Australia
Related content
-
Group policies on Windows Server 2022
We discuss how to manage and secure clients with group policy object templates and look at some recommendations from various governmental and non-governmental security advocates. -
Reducing your attack surface
Windows Defender Application Control protects systems against threats that traditional virus scanners and signature-based mechanisms cannot detect by restricting applications in the user context and reducing the code allowed in the system kernel. -
Integrating scripts into Group Policy
Incorporating scripts into Group Policy can make a sys admin's job much easier. - NetIQ Releases Change Guardian 4.0
-
Protect privileged accounts in AD
Granular protection for highly privileged accounts is granted by the Protected Users group in Active Directory and Kerberos authentication policies.