19.07.2013 Views

ACTIVE DIRECTORY SECURITY CHECKLIST ... - Leet Upload

Active Directory Checklist, V1R1.2 Field Security Operations

22 September 2006 Defense Information Systems Agency

5.3.1 AD Object Access Permissions and Auditing

5.3.2 Trust Relationships

5.3.3 Privileged Group Membership

5.3.4 Other Domain Characteristics

5.4 Active Directory Forest

5.5 Directory Service Synchronization \ Maintenance Application

5.6 Active Directory Application Mode Instance

APPENDIX A: OBJECT PERMISSIONS AND AUDIT SETTINGS

A.1 File and Directory Permissions

A.1.1 AD Data Permissions

A.1.2 Windows Support Tools Permissions

A.1.3 Synchronization\Maintenance Software Permissions

A.1.4 Synchronization\Maintenance Data Permissions

A.1.5 Synchronization\Maintenance Audit Data Permissions

A.2 Registry Key Permissions

A.3 AD Object Permissions

A.4 AD Object Audit Settings

APPENDIX B: DOCUMENTATION

B.1 Pre-Trip Information Gathering

B.1.1 Pre-Trip Interview Questions

B.1.2 Pre-Trip Documentation

B.2 AD Documentation Examples

B.2.1 Trust Relationship Documentation

B.2.1.1 Example Trust Relationship Documentation - Child Domain

B.2.1.2 Example Trust Relationship Documentation - Forest Root Domain

APPENDIX C: VMS PROCESS GUIDANCE

C.1 AD Implementation Data - AD Domain Controller, AD Domain, AD Forest

C.1.1 AD Domain Controller Asset Data

C.1.2 AD Domain Asset Data

C.1.3 AD Forest Asset Data

C.2 Synchronization\Maintenance Application Asset Data

C.3 ADAM Instance Asset Data

APPENDIX D: DIRECTORY INFORMATION GATHERING

D.1 Active Directory

D.1.1 Identifying Domain Controllers

D.1.2 Determining “Immediate” Domain Structure

D.1.3 Identifying Holders of FSMO Roles

UNCLASSIFIED