Securing and Auditing Windows Active Directory Domains - ASO402

Securing and Auditing Windows Active Directory Domains

Securing and Auditing Windows Active Directory Domains - ASO402

Upcoming Dates & Locations

Onsite - New York
Oct 18th, 2021 - Oct 21st, 2021

Securing and Auditing Windows Active Directory Domains - ASO402


Price: $2063.00


This course focuses on developing an audit program, how to obtain Active Directory data using PowerShell scripts, items to look for in the output, ways to protect against attacks, and storing samples of the output as evidence of security protocols.

Who Should Attend

System and Security Administrators; Information Security Managers and Analysts; Network Administrators; Security Architects; Information Technology Auditors and Consultants


  • A working knowledge of Windows Server, Windows 7, Excel and VMware Workstation is helpful, but not mandatory.

What You’ll Learn

You will learn how to effectively audit Active Directory using VMware workstations and Windows Domain Controllers and Workstations.


  • Windows and Windows Networks 
    • Active Directory Basics 
      • Users and Groups 
        • Active Directory Password Policies 
          • Active Directory Folder Rights 
            • Active Directory Delegation 
              • Compliance Manager and Group Policy 
                • User Rights and Event Viewer 
                  • Hardening Active Directory 
                    •  Active Directory Case Study


                    Windows and Windows Networks:

                    • Windows Operating Systems and Versions.
                    • Windows Patches
                    • Windows Server Builds
                    • vLANs
                    • Siloing

                    Auditing Active Directory Core Components:

                    • Domains, Trees and Forests
                    • Active Directory Structure
                    • Active Directory Sites and Services
                    • Domain Controllers
                    • DNS
                    • Time Configuration
                    • Active Directory Domains and Trusts
                    • Active Directory Federation Services
                    • Active Directory Certification Authority

                    Auditing Active Directory Users:

                    • User Accounts
                    • Windows Services
                    • Active Directory Administrative Center
                    • Active Directory Recycle Bin
                    • Authentication Policies
                    • Authentication Policy Silos

                    Auditing Active Directory Groups:

                    • Group Types
                    • Access Control Lists
                    • Auditing Domain Groups

                    Authentication and Auditing Protecting Policies

                    • Security Identifiers (SIDs)
                    • Kerberos
                    • Password Attack Techniques
                    • Protecting Passwords
                    • Password Policies
                    • Fine Grained Password Policies

                    Active Directory Folder Rights:

                    • Share Permissions
                    • NTFS Permissions
                    • Inheritance
                    • Folder structure and permissions
                    • Drive mappings
                    • Best Practices
                    • Identify sensitive folders

                    Active Directory Delegation:

                    • Reasons to Delegate the Administration of Active Directory
                    • Active Directory Administration Delegation
                    • Audit Active Directory Delegation
                    • Kerberos Unconstrained Delegation

                    Security Compliance Manager and Group Policy:

                    • Microsoft Security Assessment Tool 4.0
                    • Retina Network Vulnerability Community Scanner
                    • Microsoft Security Compliance Toolkit 1.0
                    • Group Policy

                    Auditing User Rights and Event Viewer:

                    • Auditing User Rights
                    • Event Viewer

                    Hardening Active Directory:

                    • Password Policies
                    • Patch Management
                    • Upgrade Domain Controllers to Windows Server 2016/2019
                    • Multifactor authentication
                    • Authentication Policy Silos
                    • Silo your Network
                    • Audit Administration Account Use
                    • Limit Membership of Schema Admins and Enterprise Admins Groups.
                    • Use Separate Administrative Accounts
                    • Continuous Monitoring
                    • End User Training

                    Active Directory Case Study

                    Why You Should Attend

                    You should attend because organizations increasingly rely on Active Directory and auditors must know how to collect data about the relevant objects and attributes, analyze them and report on that information.

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: