The bad guys have dreamed up a lot of new ways to attack Active Directory and the larger Windows environment. And methods that in the past were just theoretical are now common place. Randy Franklin Smith has been talking a lot about how to detect these attacks and also how to architect your environment to prevent them – such as with the “red forest” design. In this webinar, Randy is going to show you over 12 different ways to harden Windows using Security Options in Group Policy, registry settings and more to protect against Active Directory attacks. Here is some of what will be covered:
- LSA Protection
- Computer Password Policy Refresh Interval
- Limit local user account logon restrictions with the S-1-5-113 (Local account) and S-1-5-114 (Local account and member of Administrators group) SIDs
- Restrict Domain and Enterprise Admins from logging on to less privileged servers and workstations
- Mark privileged accounts as "sensitive and cannot be delegated"
- Restrict NTLM by putting privileged accounts in the Protected Users security group
- Restricted Admin mode for Remote Desktop Connection
- PowerShell Script Block Logging and ConstrainedLanguage Mode
- PAC Validation
View the Webinar!