Active Directory
On-premises Active Directory security: Tier-0 assets, Kerberos, NTLM, GPO, ACL abuse, delegation misconfigurations, and AD attack patterns.
20 terms in Active Directory
What is Active Directory?
Active Directory, often called AD, is Microsoft's directory service used to manage users, computers, groups, devices, permissions, and policies in enterprise Windows environments.
What is Active Directory Security?
Active Directory security is the discipline of protecting AD — the identity backbone of most enterprises — from misconfiguration, abuse, and attack. Learn the risks, controls, and a practical roadmap.
What is a Domain Controller?
A Domain Controller (DC) is the server that authenticates users and enforces policy in an Active Directory domain. Learn what DCs do, FSMO roles, and how to secure them.
What is an Active Directory Domain?
An Active Directory domain is a logical security boundary that groups users, computers, and resources under a common directory and policy. Learn the structure, trusts, and security implications.
What is an Active Directory Forest?
An Active Directory forest is the top-level container in AD and the true security boundary. Learn what it is, how it differs from a domain, and the security implications.
What is Group Policy?
Group Policy is the Active Directory feature for centrally managing configuration and security settings on Windows users and computers. Learn what it does and how attackers abuse it.
What is Kerberos Authentication?
Kerberos is the primary authentication protocol in Active Directory, using a ticket-based system to verify identity without sending passwords. Learn how it works and how attackers abuse it.
What is NTLM Authentication?
NTLM is a legacy challenge-response authentication protocol still used in many Active Directory environments. Learn how it works, why it's risky, and how to phase it out.
What is LDAP?
LDAP is the standard protocol for querying and modifying directory services like Active Directory. Learn how it works, common attacks, and how to harden it.
What is Active Directory Delegation?
AD delegation lets services impersonate users to access other resources on their behalf. Learn the types — unconstrained, constrained, RBCD — and how attackers abuse them.
What is a Domain Admin?
Domain Admin is the highest-privilege standard group in an Active Directory domain. Learn what it can do, why it's the top target for attackers, and how to manage it safely.
What is AdminSDHolder?
AdminSDHolder is a special object in Active Directory that re-applies a strict ACL to privileged accounts every hour. Learn what it does, how attackers abuse it, and how to monitor it.
What is Kerberoasting?
Kerberoasting is an Active Directory attack that lets any authenticated user request service tickets and crack them offline to recover service account passwords. Learn how it works and how to defend.
What is AS-REP Roasting?
AS-REP Roasting targets Active Directory accounts with Kerberos pre-authentication disabled, allowing attackers to crack their passwords offline. Learn how to detect and defend.
What is DCSync?
DCSync is an Active Directory attack that abuses replication rights to extract password hashes — including KRBTGT — directly from a Domain Controller. Learn how it works and how to defend.
What is Pass-the-Hash?
Pass-the-Hash (PtH) is an attack that lets an adversary authenticate using an NTLM password hash without knowing the plaintext password. Learn how it works and how to defend.
What is a Golden Ticket Attack?
A Golden Ticket attack lets attackers forge Kerberos TGTs using the KRBTGT hash, granting them long-lived impersonation of any user — including Domain Admin. Learn how it works.
What is Active Directory Certificate Services?
Active Directory Certificate Services (AD CS) issues certificates used for authentication and encryption across the enterprise. Learn how it works and how to harden ESC1–ESC15 misconfigurations.
Common Active Directory Misconfigurations
Most AD compromises trace back to the same handful of misconfigurations. Learn the most common AD security mistakes and how to fix them.
Active Directory Security Checklist for Beginners
A practical, beginner-friendly checklist for hardening Active Directory — from Tier 0 administration to AD CS, delegation, GPOs, NTLM, and continuous attack-path analysis.
See your identity risk clearly.
Start with a 1-day Proof of Value in your own environment.