Cyber Security Academy · Lesson

Active Directory Hardening

Implement tiered admin model, Protected Users group, credential guard, and audit policies.

AD Hardening Philosophy

Active Directory is the authentication backbone of most enterprise Windows environments. Compromising AD means compromising everything. Hardening focuses on reducing attack surface, protecting privileged accounts, and enabling detection.

Tiered Administration Model

The tiered admin model prevents privilege escalation by requiring different admin accounts for each tier: Tier 0 (domain controllers), Tier 1 (servers), Tier 2 (workstations). Admins never log into lower tiers with higher-tier credentials.

# Tier 0: DC, PKI, ADFS, Azure AD Connect
# Tier 1: Servers, applications
# Tier 2: Workstations, laptops

# Tier 0 admins only log into Tier 0 systems
# Violation: Domain Admin (DA) logging into a workstation
# = DA hash exposed on that workstation, domain compromise possible
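
The rule above can be checked against logon telemetry. The following is an added example, not part of the original lesson: it flags logons where an admin account appears on a lower-trust tier than its own, using field names from Security event 4624. The host names, account names, tier maps and sample events are all constructed assumptions.

```python
# Added example: flag logons where an admin account touches a lower-trust tier.
# Host names, account names and events below are constructed for illustration.
from dataclasses import dataclass

# Tier assignments, following the lesson's model (0 = most privileged).
HOST_TIER = {"DC01": 0, "PKI01": 0, "APP01": 1, "SQL01": 1, "WS-114": 2}
ACCOUNT_TIER = {"t0-alice": 0, "t1-bob": 1, "t2-carol": 2}

# Interactive and RDP logons normally leave reusable credentials in memory
# on the host. This set is a simplification, not an exhaustive list.
CRED_EXPOSING = {2: "Interactive", 10: "RemoteInteractive"}

@dataclass
class Finding:
    account: str
    host: str
    reason: str
    credential_exposed: bool

def check_logons(events):
    """Return a Finding for each logon that breaks tier isolation."""
    findings = []
    for ev in events:
        acct = ev["TargetUserName"].lower()
        host = ev["Computer"].split(".")[0].upper()   # strip DNS suffix
        a_tier = ACCOUNT_TIER.get(acct)
        if a_tier is None:
            continue                      # not a tiered admin account
        h_tier = HOST_TIER.get(host)
        exposed = ev["LogonType"] in CRED_EXPOSING
        if h_tier is None:
            # Unclassified hosts cannot be trusted with admin credentials.
            findings.append(Finding(acct, host, "host has no tier", exposed))
        elif a_tier < h_tier:
            reason = f"Tier {a_tier} account on Tier {h_tier} host"
            findings.append(Finding(acct, host, reason, exposed))
    return findings

# Constructed sample events using field names from Security event 4624.
SAMPLE_EVENTS = [
    {"TargetUserName": "t0-alice", "Computer": "DC01.corp.example", "LogonType": 10},
    {"TargetUserName": "t0-alice", "Computer": "WS-114.corp.example", "LogonType": 2},
    {"TargetUserName": "T1-Bob", "Computer": "ws-114.corp.example", "LogonType": 3},
    {"TargetUserName": "t1-bob", "Computer": "APP01.corp.example", "LogonType": 10},
    {"TargetUserName": "t2-carol", "Computer": "LAB-7.corp.example", "LogonType": 2},
    {"TargetUserName": "jsmith", "Computer": "WS-114.corp.example", "LogonType": 2},
]

if __name__ == "__main__":
    for f in check_logons(SAMPLE_EVENTS):
        flag = "CREDENTIAL EXPOSED" if f.credential_exposed else "review"
        print(f"{f.account} -> {f.host}: {f.reason} [{flag}]")
```

The network logon (type 3) is still reported as a tier violation but marked for review rather than as a credential exposure, and the host missing from the tier map is reported so that it gets classified.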
