Beyond the MCSE Red Teaming Active Directory
DEFCON-24-Sean-Metcalf-Beyond-The-MCSE-Red-Teaming-Active-Directory
DEFCON-24-Sean-Metcalf-Beyond-The-MCSE-Red-Teaming-Active-Directory
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Privileged Admin Workstation (PAW)<br />
• <strong>Active</strong> <strong>Directory</strong> Admins only logon to PAWs.<br />
• Should have limited/secured communication.<br />
• Should be in <strong>the</strong>ir own OU.<br />
• May be in ano<strong>the</strong>r forest (<strong>Red</strong>/Admin Forest).<br />
• Compromise install media or patching system.<br />
• Compromise in/out comms.<br />
| @PryoTek3 | sean @ adsecurity.org |