Blue Team Toolkit

Active Directory Hardening

Core hardening measures for an Active Directory environment:
• User awareness and training
• Limit the exposure of AD services and applications online (do not expose LDAP, Kerberos, SMB or RDP on domain controllers to the internet)
• Enforce Network Access Control (NAC)
• Enforce SMB signing (require it, not merely enable it, on servers and clients)
• Follow the principle of least privilege
• Implement strong authentication mechanisms, such as multi-factor authentication (MFA), to help ensure that only authorized users are able to access sensitive data and systems.
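The following PowerShell script is an added example that is not part of the Blue Team Toolkit page. It shows how three of the items above (SMB signing, least privilege, strong authentication) can be checked on a domain-joined server using the built-in SmbShare and RSAT ActiveDirectory modules. The list of privileged groups, the -Enforce switch and the script name are assumptions made for the example; everything else uses documented cmdlets and parameters.

```powershell
#Requires -Modules ActiveDirectory, SmbShare
<#
  Hypothetical AD hardening audit (example code, not from the page).
  Run as a domain administrator on a domain-joined server with RSAT.
  Without -Enforce the script only reports; with -Enforce it turns on
  required SMB signing on this host (server and client side).
#>
[CmdletBinding(SupportsShouldProcess)]
param(
    [switch]$Enforce,
    # Assumed list of groups whose membership should stay small and be reviewed
    [string[]]$PrivilegedGroups = @('Domain Admins', 'Enterprise Admins', 'Schema Admins', 'Administrators')
)

# --- SMB signing: "required" is the setting that matters; "enabled" alone still
#     allows an unsigned session, so relay attacks remain possible ---
$srv = Get-SmbServerConfiguration
$cli = Get-SmbClientConfiguration
[pscustomobject]@{
    Host                  = $env:COMPUTERNAME
    ServerRequiresSigning = $srv.RequireSecuritySignature
    ServerEnablesSigning  = $srv.EnableSecuritySignature
    ClientRequiresSigning = $cli.RequireSecuritySignature
} | Format-List

if ($Enforce -and $PSCmdlet.ShouldProcess($env:COMPUTERNAME, 'Require SMB signing (server and client)')) {
    # Same effect as the GPO settings
    # "Microsoft network server/client: Digitally sign communications (always)"
    Set-SmbServerConfiguration -RequireSecuritySignature $true -Force
    Set-SmbClientConfiguration -RequireSecuritySignature $true -Force
}

# --- Least privilege: enumerate transitive membership of high-privilege groups ---
foreach ($g in $PrivilegedGroups) {
    $members = Get-ADGroupMember -Identity $g -Recursive |
        Where-Object objectClass -eq 'user' |
        Get-ADUser -Properties LastLogonDate, PasswordLastSet, Enabled
    "`n== $g ($(@($members).Count) user accounts) =="
    # Stale or never-used admin accounts are candidates for removal
    $members |
        Select-Object SamAccountName, Enabled, LastLogonDate, PasswordLastSet |
        Sort-Object LastLogonDate |
        Format-Table -AutoSize
}

# --- Authentication settings that undermine MFA and password policy ---
# Accounts without Kerberos pre-authentication can be AS-REP roasted offline.
Get-ADUser -Filter 'DoesNotRequirePreAuth -eq $true' |
    Select-Object @{ n = 'Finding'; e = { 'Kerberos pre-auth disabled' } }, SamAccountName
# Accounts with PASSWD_NOTREQD bypass the domain password policy entirely.
Get-ADUser -Filter 'PasswordNotRequired -eq $true' |
    Select-Object @{ n = 'Finding'; e = { 'PasswordNotRequired set' } }, SamAccountName
```

Run it once without -Enforce to see the current state, then with -Enforce -WhatIf to confirm what would change before applying it. On domain controllers prefer setting the signing policy through Group Policy so it is applied consistently across the domain; the Set-Smb*Configuration calls here are the per-host equivalent.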


Regularly monitor the environment for suspicious activity, such as unauthorized access attempts, repeated failed logons against one account or from one source, and logons at unusual times or from unusual hosts.

Apply security patches and updates to your systems and software in a timely manner, to help reduce the risk of known vulnerabilities being exploited.

Ensure that your systems are configured securely, and that you have implemented appropriate security controls, such as firewalls, intrusion detection systems, and data encryption.

Regularly perform penetration testing and vulnerability assessments to identify potential security weaknesses and to help validate the effectiveness of your security controls.
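As an added example of the monitoring step above (this is not code from the Blue Team Toolkit page), the PowerShell function below reads failed-logon events (Security event ID 4625) from a host or domain controller and groups them to surface two common patterns: brute force (many failures against one account) and password spraying (one source trying many different accounts). The function name, the default threshold and the 24-hour window are assumptions; the event ID, field names and cmdlets are standard Windows.

```powershell
<#
  Hypothetical detection helper (example code, not from the page).
  Assumes logon failure auditing is enabled and the caller can read the
  Security log on the target (locally, or remotely on a DC via -ComputerName).
#>
function Find-SuspiciousLogons {
    [CmdletBinding()]
    param(
        [string]$ComputerName = $env:COMPUTERNAME,
        [int]$Hours = 24,
        [int]$Threshold = 10   # assumed starting point; tune for your environment
    )

    $filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddHours(-$Hours) }
    $events = Get-WinEvent -ComputerName $ComputerName -FilterHashtable $filter -ErrorAction SilentlyContinue

    # Extract the EventData fields from each event's XML representation
    $rows = foreach ($e in $events) {
        $x = [xml]$e.ToXml()
        $d = @{}
        foreach ($n in $x.Event.EventData.Data) { $d[$n.Name] = $n.'#text' }
        [pscustomobject]@{
            Time      = $e.TimeCreated
            User      = $d['TargetUserName']
            SourceIP  = $d['IpAddress']
            LogonType = $d['LogonType']     # 3 network, 10 RDP, 2 interactive ...
            SubStatus = $d['SubStatus']     # 0xC000006A bad password, 0xC0000064 unknown user
        }
    }

    # Brute force: one account, many failures
    $rows | Group-Object User | Where-Object Count -ge $Threshold | ForEach-Object {
        [pscustomobject]@{
            Pattern  = 'BruteForce'
            Key      = $_.Name
            Failures = $_.Count
            Detail   = 'sources: ' + (($_.Group.SourceIP | Sort-Object -Unique) -join ',')
        }
    }

    # Password spray: one source, many distinct accounts (often one attempt each)
    $rows | Group-Object SourceIP |
        Where-Object { @($_.Group.User | Sort-Object -Unique).Count -ge $Threshold } |
        ForEach-Object {
            [pscustomobject]@{
                Pattern  = 'PasswordSpray'
                Key      = $_.Name
                Failures = $_.Count
                Detail   = 'distinct accounts: ' + @($_.Group.User | Sort-Object -Unique).Count
            }
        }
}

# Usage: last 24 hours on the local host
Find-SuspiciousLogons | Format-Table -AutoSize
```

Point it at a domain controller (-ComputerName) to see failures for the whole domain, since DCs record 4625 for Kerberos and NTLM authentication attempts they service. Forwarding the same events to a SIEM and applying the two groupings there is the scalable form of this check.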


Last updated 1 year ago