Active Directory Security Fundamentals - February 2024 (Virtual; US Time)

Kerberos, ADUC, Golden Tickets, Security Principals – have you come across these or similar words in penetration test reports or security bulletins and felt a little… lost? Active Directory comprises many components that fulfill complex architectural requirements but can also open cracks through which attackers may slip. Active Directory: Security Fundamentals demystifies the various Active Directory components and illustrates how these components can potentially introduce risks to your organization. This course empowers network defenders to directly look under the hood of their Active Directory architecture and understand their environment better than attackers.

Course Summary

Dig into Active Directory! This course will help you roll up your sleeves and get hands-on with Active Directory, enabling participants to gather answers directly when questions surrounding their organization’s AD architecture arise in the future. Learn Active Directory components and not only how they work together but also how they can work against your organization’s security posture.

Countless organizations leverage Active Directory (AD) to provide the foundation or entirety of their production environment’s identity and access management. But widespread usage doesn’t mean AD is simple; beyond its architecture and design considerations lie security implications that can directly impact your organization.

Active Directory: Security Fundamentals details key components of AD technology and architectures, focusing on the security implications of each. We’ll cover physical & logical components, forests & domains, Kerberos, and various tooling like ADUC – all from a security perspective. Course participants will get hands-on experience enumerating the architectures and security controls of a live Active Directory environment and will then analyze the data extracted.

Course Syllabus

Day 1:

• Introduction
• Physical and Logical Overview
• Accounts and Access
• LDAP
• Groups
• Forests and Domains

Day 2:

• AD Security Principles and Models
• Kerberos
• Kerberos Delegation
• Identifying Misconfigurations
• AD Degradation
• Attack Paths

Participant Requirements

Active Directory: Security Fundamentals is intended for security professionals of any experience level looking to learn more about the foundations of Active Directory security and analysis methods. This course assumes no prior Active Directory knowledge, though participants would benefit from previous exposure to an enterprise Active Directory environment.

FAQs

How can I contact the organizer with any questions?

Please email training@specterops.io with any questions.  

What's the refund policy?

Full refunds will be provided up to 7 days before the course start date.

What are the hardware requirements for attending the course?

Courses are based in the SpecterOps training portal and accessible via an internet connection; no VMs are required for labs. The following are recommended hardware requirements:

• Internet Connection
• 8GBs of RAM
• Modern Web Browser capable of rendering HTML5