10+ Up-To-Date Ways to Harden Windows Against Modern Active Directory Attacks with Randy Franklin Smith

Register to watch full recorded webinar for free
{{ firstError }}
We care about security of your data.
Privacy Policy
About the Webinar

The bad guys have dreamed up a lot of new ways to attack Active Directory and the larger Windows environment. And methods that in the past were just theoretical are now common place. Randy Franklin Smith has been talking a lot about how to detect these attacks and also how to architect your environment to prevent them – such as with the “red forest” design. In this webinar, Randy is going to show you over 12 different ways to harden Windows using Security Options in Group Policy, registry settings and more to protect against Active Directory attacks. Here is some of what will be covered:

  • LSA Protection
  • WDigest
  • Computer Password Policy Refresh Interval
  • Limit local user account logon restrictions with the S-1-5-113 (Local account) and S-1-5-114 (Local account and member of Administrators group) SIDs
  • Restrict Domain and Enterprise Admins from logging on to less privileged servers and workstations
  • Mark privileged accounts as "sensitive and cannot be delegated"
  • Restrict NTLM by putting privileged accounts in the Protected Users security group
  • Restricted Admin mode for Remote Desktop Connection
  • PowerShell Script Block Logging and ConstrainedLanguage Mode 
Randy Franklin Smith avatar
Randy Franklin Smith,
CEO, Monterey Technology Group, Inc.
Jeff Warren avatar
Jeff Warren,
SVP, Products