1
00:00:06,980 --> 00:00:14,510
Before you define any security measures, you need to determine against which threats you need to protect

2
00:00:14,510 --> 00:00:15,780
your network.

3
00:00:15,830 --> 00:00:24,110
You need to define your organization's security boundaries, and you must identify from where hackers

4
00:00:24,110 --> 00:00:28,480
or attackers might try to compromise your security.

5
00:00:28,490 --> 00:00:35,360
For example, you will need to secure your network against attacks from outside your company.

6
00:00:35,360 --> 00:00:43,460
You also might have regions, departments, or groups where you cannot trust your organization's employees

7
00:00:43,790 --> 00:00:51,200
in the same way as you trust employees in a strictly controlled environment, such as your main office.

8
00:00:51,200 --> 00:00:55,240
Do you have administrative groups that you cannot trust?

9
00:00:55,250 --> 00:01:01,430
Do you have locations or departments that require a higher level of security?

10
00:01:01,760 --> 00:01:09,650
All of these factors will have an impact on your security planning to secure your Active Directory domain

11
00:01:09,890 --> 00:01:11,660
and domain controllers.

12
00:01:11,660 --> 00:01:19,880
You need to address security in terms of the following risks, such as network security, authentication

13
00:01:19,880 --> 00:01:29,930
attacks, elevation of privileges, denial of service attack, operating system, service, or app attacks, operational

14
00:01:29,930 --> 00:01:33,320
risks, and physical security threats.

15
00:01:33,320 --> 00:01:37,160
Now let's take a closer look at each of these risks.

16
00:01:37,160 --> 00:01:39,890
First is network security.

17
00:01:39,890 --> 00:01:45,910
An attacker must gain access to your network to get further information.

18
00:01:45,920 --> 00:01:54,050
Therefore, you should ensure that network boundaries, such as firewalls and exposed services, are highly

19
00:01:54,050 --> 00:01:55,190
protected.

20
00:01:55,190 --> 00:02:03,500
Also, you should ensure that your wireless networks are secured properly and do not allow untrusted devices

21
00:02:03,500 --> 00:02:06,390
to connect to your internal network.

22
00:02:06,450 --> 00:02:15,530
Use certificates for wireless connections and implement Network Access Protection, or NAP, to secure network

23
00:02:15,560 --> 00:02:16,360
access.

24
00:02:16,370 --> 00:02:19,630
The next risk is authentication attacks.

25
00:02:19,640 --> 00:02:28,370
Access to authentication credentials, such as usernames and passwords, is the primary target for anyone

26
00:02:28,370 --> 00:02:35,840
who tries to access your network and data. Active Directory domain controllers store all information

27
00:02:35,840 --> 00:02:43,810
about all users and their passwords, and they need sufficient security to protect this information.

28
00:02:43,820 --> 00:02:51,350
The next threat is elevation of privilege. While regular user credentials can access certain information,

29
00:02:51,680 --> 00:02:59,840
domain administrators or other administrative groups have elevated privileges, giving those accounts control

30
00:02:59,900 --> 00:03:01,110
over data.

31
00:03:01,250 --> 00:03:08,600
In many cases, admin and administrators can grant themselves additional access to resources.

32
00:03:08,870 --> 00:03:16,490
Additionally, they can configure security measures. If attackers can elevate the credentials they use

33
00:03:16,490 --> 00:03:22,200
by putting their accounts into elevated groups in the same or trusted domains,

34
00:03:22,310 --> 00:03:29,430
they can lower security and potentially bypass auditing of security safeguards.

35
00:03:29,450 --> 00:03:38,450
The next risk is denial of service attack. A malicious user or users do not launch DoS attacks to access

36
00:03:38,450 --> 00:03:44,980
data, but rather to disable services, systems, or whole infrastructures.

37
00:03:45,020 --> 00:03:52,610
Certain security measures, such as account lockout policies, might be useful in protecting your network

38
00:03:52,880 --> 00:03:57,550
against some threats, but they also provide an easily accessible

39
00:03:57,550 --> 00:03:59,450
DoS attack surface.

40
00:03:59,480 --> 00:04:06,270
Next up is operating system, service, and app attacks. Network operating systems,

41
00:04:06,320 --> 00:04:14,800
in addition to services and apps that support communication over networks, are vulnerable to security

42
00:04:14,820 --> 00:04:15,700
attacks.

43
00:04:15,740 --> 00:04:24,050
These systems provide communication over a network, and attackers will try to drag the expected communications

44
00:04:24,350 --> 00:04:24,950
to make

45
00:04:24,950 --> 00:04:30,230
these services do something differently than what was intended.

46
00:04:30,230 --> 00:04:32,870
Another risk is operational risk.

47
00:04:32,960 --> 00:04:38,780
It is important to maintain an organization's infrastructure properly.

48
00:04:38,780 --> 00:04:46,910
Any kind of software that operates over networks could be a potential target for attackers. To tighten

49
00:04:46,910 --> 00:04:55,610
security, software and hardware vendors release updates regularly to ensure that they do not leave

50
00:04:55,610 --> 00:04:57,890
a network vulnerable.

51
00:04:57,920 --> 00:05:01,670
The next threat is physical security threat.

52
00:05:01,670 --> 00:05:09,190
It is important for Active Directory domain controllers to be physically secure. If someone gets physical

53
00:05:09,190 --> 00:05:17,700
access to a server, it is easier to disable security safeguards and run malicious software locally

54
00:05:17,980 --> 00:05:20,770
to retrieve all passwords in a domain.