Pentesting Active Directory - Active Directory 101

Part 1 of a hopefully fruitful and long series

What is Active Directory?

Active Directory (AD) is a directory service developed by Microsoft for Windows domain networks. Its structure facilitates centralized management of an organization's resources which may include users, computers, groups, network devices, file shares, group policies and trusts.

Active Directory handles a variety of tasks, including authentication and authorization of users and computers in a Windows domain.

So, why is Active Directory important for cybersecurity?

Active Directory can be considered "used by many, but secured by few." It presents a massive attack surface for many companies, and it is important to understand because when an AD environment is compromised, the result is typically complete control over the network. As security professionals, whether on the red or blue side, we will come across AD environments of all sizes throughout our careers. For this reason, we need a firm grasp of the structure and function of AD and of how to enumerate, attack, and remediate all types of flaws and misconfigurations.

How does Active Directory work?

AD has a distributed and hierarchical structure that provides centralized management of an organization's resources. As mentioned, these resources may include:

  • Users
  • Groups
  • Computers
  • Network devices
  • File shares
  • Group policies
  • Trusts

These resources (also known as data) are stored as objects. Objects are normally classified as either resources (e.g. computers, printers) or security principals (e.g. users, groups).

A group of objects that share the same AD database is called a domain. One or more domains with a common schema and configuration constitute what is known as a tree. The top tier of Active Directory's logical structure is a forest, which is made up of a group of trees. The forest typically serves as the security boundary for an enterprise network.

Objects within a domain can be grouped into organizational units (OUs) to simplify administration and policy management. OUs can be created according to functional, geographical or business structures. Group policies can then be applied to the OUs for simple administration.
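To make the domain/OU hierarchy concrete, here is an added example (not code from the original page) that parses LDAP distinguished names into their RDN components, derives the domain's DNS name from the DC parts, and groups objects by OU path. The sample entries and object classes are constructed for illustration.

```python
# Added example (not from the page): derive the domain / OU hierarchy from AD
# distinguished names. The (DN, objectClass) sample entries are constructed.
from collections import defaultdict

def parse_dn(dn):
    """Split an LDAP DN into (attr, value) RDNs, honouring backslash-escaped commas."""
    rdns, cur, esc = [], "", False
    for ch in dn:
        if esc:
            cur += ch
            esc = False
        elif ch == "\\":
            esc = True
        elif ch == ",":
            rdns.append(cur)
            cur = ""
        else:
            cur += ch
    rdns.append(cur)
    out = []
    for rdn in rdns:
        attr, _, value = rdn.partition("=")
        out.append((attr.strip().upper(), value.strip()))
    return out

def domain_of(rdns):
    """The DC components, read left to right, spell the domain's DNS name."""
    return ".".join(v for a, v in rdns if a == "DC")

def ou_path(rdns):
    """OUs listed root-first: ...,OU=Sales,OU=Corp,DC=... -> ['Corp', 'Sales']."""
    return [v for a, v in reversed(rdns) if a == "OU"]

SAMPLE = [  # constructed entries, not from any real directory
    ("CN=Doe\\, Jane,OU=Sales,OU=Corp,DC=corp,DC=example,DC=com", "user"),
    ("CN=Sales Admins,OU=Sales,OU=Corp,DC=corp,DC=example,DC=com", "group"),
    ("CN=WS01,OU=Workstations,DC=corp,DC=example,DC=com", "computer"),
    ("CN=DEV-DC1,OU=Domain Controllers,DC=dev,DC=example,DC=com", "computer"),
]

def inventory(entries):
    """Group objects by domain, then OU path: {domain: {ou_path: [(name, class)]}}."""
    tree = defaultdict(lambda: defaultdict(list))
    for dn, cls in entries:
        rdns = parse_dn(dn)
        ou = "/".join(ou_path(rdns)) or "<domain root>"
        tree[domain_of(rdns)][ou].append((rdns[0][1], cls))
    return {d: dict(ous) for d, ous in tree.items()}
```

Calling `inventory(SAMPLE)` returns one entry per domain (two here, corp.example.com and dev.example.com), each mapping an OU path to the objects it contains, which is the same tree an administrator sees when OUs are used to scope group policy.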

Benefits of using AD

  • Security - AD helps businesses improve security by controlling access to network resources.
  • Extensibility - AD can be easily organized to align with a company's organizational structure and business needs.
  • Simplicity - Central management of user identities and access privileges across the enterprise.
  • Resiliency - AD supports redundant components and data replication to enable high availability and business continuity.

Ok that's all I need to study Crypto

Interview Questions

What is the difference between an AD domain and a DNS domain?

What is AD's relationship to Azure Active Directory?

What kinds of directory services does AD offer?

Author: Isaac

Source: AD Structure - Source Microsoft.com Docs