Security Basics mailing list archives
Re: Active Directory Audit
From: "TAS" <p0wnsauc3 () gmail com>
Date: Fri, 4 Mar 2011 03:37:17 +0000
Hey Kurt, Below are some quick things that come to my mind, 1. Auditing User & Groups 2. Auditing the existing policy they have implemented on the domain. The admin can give you the export of the policy. 3. Hardening of the underlying OS. Audit against a vanilla checklist would be good. 4. Change management around the active directory. 5. Members of the Domain Admin Group. 6. Account and Password Policy. 7. Check if any users are granted exceptions on any of the policies defined on the AD. Especially Account and Password policy. 8. Backups. 9. Security policy of the domain controller(not the domain) 10. Security Patches. Etc etc...there are some mentioned on the below link as well. http://www.niiconsulting.com/products/auditpro/reports/apwin.html HTH TAS! Sent from BlackBerry® - Vodafone -----Original Message----- From: "Kurt M. John" <kjohn () tcba com> Sender: listbounce () securityfocus com Date: Wed, 2 Mar 2011 11:46:50 To: <security-basics () securityfocus com> Reply-To: kjohn () tcba com Subject: Active Directory Audit Hey Guys, Huge favor. I have an active directory audit to complete. Does anyone know of an APG or checklist which can help me. I would appreciate it so much. It'll really help me out a lot. Time is of the essence. Thanks, Kurt M. John, CISA, C|EH, CPT Sent from my HTC on the Now Network from Sprint ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- Active Directory Audit Kurt M. John (Mar 03)
- Re: Active Directory Audit Phil (Mar 07)
- Re: Active Directory Audit TAS (Mar 07)
- Re: Active Directory Audit Ardian Silvano (Mar 07)