Lab 10
This lab was all about managing accounts in Active Directory.
Exercise 1
In this exercise, I had a look at the processes running on a system. Each process runs at a different privilege level. The importance of this is that malware runs at the privilege level of the user that is logged on. This is where least privilege comes in. If you give your users as little privilege as possible, it makes it less likely for any malware to cause major damage.
Questions:
In the "Administrators Properties" dialog, click the Apply button - does it work? - No
Can you access any of the snap-ins? - No
Exercise 2
In this exercise I looked at some of the default accounts and groups in Active Directory.
Exercise 3
In this exercise I renamed the administrator account and made a dummy account. The goal is that the dummy administrator account would be compromised instead of the true administrator account. This method is not perfect, though, because the account SID remains the same, so hackers could identify the true administrator account using the SID.
I also delegated some control of UsersOU to the user 'Sam'.
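The rename-and-decoy setup from this exercise can be checked from the defender's side. The script below is an added example, not part of the original lab: it finds the built-in account by its fixed RID of 500 to show the SID survives the rename, confirms the decoy holds no group memberships, and counts failed logons against the decoy. It assumes the RSAT ActiveDirectory module, logon failure auditing enabled, read access to the local Security log, and a 7-day window.

```powershell
# Added example: audit the renamed built-in Administrator and its decoy.
# Assumes the RSAT ActiveDirectory module and rights to read the Security log.
Import-Module ActiveDirectory

$domainSid = (Get-ADDomain).DomainSID.Value

# Renaming changes the name only; the built-in account keeps RID 500.
$builtin = Get-ADUser -Identity "$domainSid-500" -Properties MemberOf

# The decoy is the other account that now carries the default name.
$decoy = Get-ADUser -Filter "SamAccountName -eq 'Administrator'" -Properties MemberOf |
    Where-Object { $_.SID.Value -ne $builtin.SID.Value }

$findings = @()
if ($builtin.SamAccountName -eq 'Administrator') {
    $findings += 'Built-in Administrator (RID 500) still has its default name.'
}
if (-not $decoy) {
    $findings += "No decoy account named 'Administrator' exists."
} else {
    # A decoy should hold no privileges; MemberOf excludes the primary group.
    if ($decoy.MemberOf) {
        $findings += "Decoy is a member of: $($decoy.MemberOf -join '; ')"
    }
    # Nobody legitimate uses the decoy, so any failed logon (event 4625) against it
    # is worth a look. This reads the Security log of the machine the script runs on.
    $since = (Get-Date).AddDays(-7)
    $filter = @{ LogName = 'Security'; Id = 4625; StartTime = $since }
    $hits = Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Where-Object {
            $data = ([xml]$_.ToXml()).Event.EventData.Data
            ($data | Where-Object { $_.Name -eq 'TargetUserName' }).'#text' -eq $decoy.SamAccountName
        }
    if ($hits) {
        $findings += "$(@($hits).Count) failed logon(s) against the decoy in the last 7 days."
    }
}

# Summary: the real account's current name next to its unchanged SID.
[pscustomobject]@{
    BuiltinName = $builtin.SamAccountName
    BuiltinSid  = $builtin.SID.Value
    DecoySid    = if ($decoy) { $decoy.SID.Value } else { $null }
    Findings    = $findings
}
```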
Exercise 4
In this exercise I set up an audit policy and changed the password requirements for administrative accounts.
Exercise 5
In this exercise, I looked at how the restrictions I created last exercise affect what a user can do.
Questions:
In the "Administrators Properties" dialog, click the Apply button - does it work? - No
Can you access any of the snap-ins? - No
Exercise 6
In this exercise I set up a file share on the network, then I assigned permissions and auditing.
Critical Thinking
Looking back at this lab, the focus was on managing the privileges of accounts. This is very important for businesses to manage properly because if a regular employee has admin privilege, for example, they could maliciously or accidentally make damaging changes to the network. It also adds a vector of attack for malware. If an employee downloads a malicious program from an email or a dodgy website, it will run at their privilege level.
Removing all privilege except for what is needed reduces the chance of many different things going wrong. The principle of least privilege is highly important.