일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | ||
6 | 7 | 8 | 9 | 10 | 11 | 12 |
13 | 14 | 15 | 16 | 17 | 18 | 19 |
20 | 21 | 22 | 23 | 24 | 25 | 26 |
27 | 28 | 29 | 30 |
- ssh key 배포
- XCP-ng
- 로그인불가
- bash
- application security
- elastic stack
- macos
- ansible
- proxycfg
- ELASTIC
- xe guest utilities
- freebsd
- Kibana server is not ready yet
- PlayBook
- Proxy
- miniconda
- Elasticsearch
- hardening
- docker
- GitLab
- centos 8
- Kibana
- endpoint security
- Windows
- pfsense
- 한글가이드
- G-suite
- x-pack
- 보안양파
- Today
- Total
선 밖에 선 자유인
Active Directory 보안 관련 본문
https://adsecurity.org/?p=3377
http://securitywing.com/active-directory-security/
https://msdn.microsoft.com/en-us/library/bb727065.aspx
GPO security
https://technet.microsoft.com/en-us/library/cc960657.aspx
Active Directory Security Checklist
The following checklist is provided to help organizations assess and maintain the security of their Active Directory deployments:
1. Ensure that the logical (forest, domain and trust-relationship) structure of your Active Directory is conceptually secure |
2. Ensure that all Active Directory configuration (e.g. Schema, Replication, FSMOs, Backups) data is sound and secure |
3. Ensure that adequate Active Directory management, security and disaster-recovery plans are in place and implemented |
4. Ensure that adequate physical, system and network security is provided for all Domain Controllers and admin workstations |
5. Ensure that the number of IT personnel who possess unrestricted administrative access in Active Directory is minimal |
6. Ensure that all non-critical administrative tasks (e.g. password resets) are delegated based on the principal of least privilege |
7. Ensure that IT personnel can audit all administrative delegations (i.e. assess and verify effective access) in Active Directory |
8. Ensure that auditing mechanisms are in place to capture the enactment of all admin/delegated tasks in Active Directory |
9. Ensure that all applications and tools used by IT personnel are trustworthy (i.e. verifiably safe, reputable and secure) |
10. Ensure that security and effective access audits are performed on a regular basis to consistently ensure security |
Best_Practices_for_Securing_Active_Directory.pdf