Summary
In this chapter, you have learned some basics of AD security. As AD is a huge topic that would cover an entire book itself, we concentrated on AD security from a credential theft and access rights perspective.
You have learned how to implement some basic auditing checks and which open source tools can help you to enumerate AD.
You now know which accounts and groups are privileged in AD and that you should be very careful when delegating access rights. It is also not enough to just deploy AD out of the box; you also need to harden it.
Finally, we dived deep into the authentication protocols that are used within AD and also explored how they can be abused.
We have also discussed some mitigations, but make sure to also follow the advice in Chapter 13, What Else? – Further Mitigations and Resources.
But when we are talking about AD, AAD (or how it will be called in the future: Entra ID) is not far away. Although both services are amazing identity providers...
