How to Secure Active Directory (AD Tiering) - Tutorial 15 min
- Published 15 Sep 2024
- A 15 minute tutorial about #ActiveDirectory (#Tiering) with Peter Löfgren, Senior Technical Architect and part of our #Truesec Incident Response Team, discussing the topic of how you can avoid getting exposed to #cyberattacks by protecting your credentials.
______
Unknown vulnerabilities and weaknesses in your IT environment pose a large risk of being hit by a cyberattack. To ensure a secure infrastructure and stay ahead of threat actors, you need to identify vulnerabilities and create a secure infrastructure on all levels of your organization. Protecting your credentials is one of them. By understanding what cybercriminals can do with your credentials, you can also learn how to protect yourself and your environment.
You will learn about:
- Tiering, an administrative approach to keeping your credentials safe.
- What is pass-the-hash and pass-the-ticket.
- Stepping up your game with Authentication silos and Conditional Access.
_____
For Whom:
Tech Professionals, IT technicians, IT professionals, and for you working at an IT department interested in cyber security.
Stay updated on our Tech Talks here: www.truesec.co...
A public version of the script would be awesome, thanks for the video
I think it's important to also note that in a live environment you can't just switch service accounts around, as there are dependencies. A service account is often used across servers, which would after tiering be divided into Tier 0 and Tier 1. I like the overall idea here; it's something I implement myself, and having a nice script to help is top notch! Though I must say, in an operational structure where you can't just go offline on servers etc., you need to analyze each server for URA (User Right Assignments) and figure out if you break service accounts after GPOs are applied.
Thanks for the video :)
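The dependency check described in the comment above (a service account used on servers that end up in different tiers), as an added example that is not the script from the video: it parses the `[Privilege Rights]` section of per-server `secedit /export` output and reports accounts holding service or batch logon rights in more than one tier. The server names, the EXAMPLE domain, the tier map and the sample exports are constructed for illustration.

```python
from collections import defaultdict

# User rights that let an account run as a service or a scheduled task.
SERVICE_RIGHTS = ("SeServiceLogonRight", "SeBatchLogonRight")
# Machine-local identities (Local Service, Network Service, NT SERVICE\*)
# exist per host and cannot be a cross-tier dependency.
LOCAL_PREFIXES = ("s-1-5-19", "s-1-5-20", "s-1-5-80-")

def parse_privilege_rights(inf_text):
    """Return {right: {principal, ...}} from the [Privilege Rights] section."""
    rights, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            right, _, members = line.partition("=")
            # secedit writes SIDs with a leading '*'; names appear without it.
            rights[right.strip()] = {m.strip().lstrip("*").lower()
                                     for m in members.split(",") if m.strip()}
    return rights

def cross_tier_accounts(exports, tier_of):
    """exports: {server: INF text}; tier_of: {server: tier number}.
    Return {account: {tier: [servers]}} for accounts that hold a
    service right on servers in more than one tier."""
    seen = defaultdict(lambda: defaultdict(set))
    for server, text in exports.items():
        rights = parse_privilege_rights(text)
        for right in SERVICE_RIGHTS:
            for acct in rights.get(right, ()):
                if not acct.startswith(LOCAL_PREFIXES):
                    seen[acct][tier_of[server]].add(server)
    return {a: {t: sorted(s) for t, s in tiers.items()}
            for a, tiers in seen.items() if len(tiers) > 1}

def _inf(service, batch=""):
    """Build a constructed, minimal secedit-style export for the sample."""
    return ("[Unicode]\nUnicode=yes\n[Privilege Rights]\n"
            f"SeServiceLogonRight = {service}\nSeBatchLogonRight = {batch}\n"
            "[Version]\nsignature=\"$CHICAGO$\"\n")

# Constructed sample inventory: two Tier 0 and two Tier 1 servers.
SAMPLE_TIERS = {"DC01": 0, "PKI01": 0, "SQL01": 1, "FS01": 1}
SAMPLE_EXPORTS = {
    "DC01": _inf("*S-1-5-80-0,EXAMPLE\\svc_backup"),
    "PKI01": _inf("*S-1-5-80-0", "EXAMPLE\\svc_pki"),
    "SQL01": _inf("*S-1-5-80-0,EXAMPLE\\svc_sql", "EXAMPLE\\svc_backup"),
    "FS01": _inf("*S-1-5-20,EXAMPLE\\svc_sql"),
}

if __name__ == "__main__":
    for acct, tiers in cross_tier_accounts(SAMPLE_EXPORTS, SAMPLE_TIERS).items():
        print(acct, tiers)
```

Real input would come from running `secedit /export /areas USER_RIGHTS /cfg <file>` on each server; those files are usually UTF-16 encoded, so decode them before passing the text in.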
Is the script public?
Great video - Is the script available, how/where?
Comment section: if you simply obtained the script and applied the configs to your sandbox environment, your knowledge and skills will only suffer.
Recreate the commands by slowly scrubbing through the video if you want to enhance your understanding. There are no shortcuts.
Or just search online.
Can you explain what will be tier 0, tier 1 servers... ?
Great Video.
Tier 0 = Domain Controllers, PKI, ADFS, SCCM, SCOM, Exchange IDM/IAM, AAD Connect/Sync server, Backup and hypervisors. Tier 1 servers could be the rest of your server infrastructure, e.g., some SQL Servers, file servers, etc.
Can I have the script? TX
Can we have the scripts? Thanks in advance
Are the scripts available? And where? Thanks
It would be great if the script was shared. It would make the video more useful. @Truesec
Can I have the script please?
Hi, great video, how can we have the template script, thanks ?
Great video. Can you share the script?
Is it possible to get the scripts? I haven't found any other resources for this
Great explanation, but.. Moving servers, drag n drop?! What is the expected impact on the working of the server? What happens when I move my DC’s to the tier 0 folder?
You can't move DCs from built-in OU Domain Controllers, to tier 0 OU.
Domain Controllers are never moved, they are still Tier 0 in the OU they are located
Link to the script?
Hello, would it be possible to have the script please?
Who's the winner? How to know?
Hi, thanks, can you share your script please ?
Why do you even share video like this if you don't share the script you are using? O_o
Can you share your script please
the script please, tnx
Basically you went through all of the work of setting up a tiering system only to revert back to the classic "Domain Admin has access to everything" model. The point of tiering is to segment administrative access and not expose privileged accounts more than needed. You exposed the T0 accounts to risk by allowing them to log on to a potentially compromised workstation in an upper tier. Baaaaaad!