August 2019
Intermediate to advanced
786 pages
20h 22m
English
Content preview from Mastering Active Directory - Second Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Restricted admin mode for RDP
In a typical identity infrastructure attack, the first target is usually a regular user account or an endpoint. This is because highly privileged accounts and critical systems have advanced protection compared to end user devices. In most environments, these systems and accounts are constantly monitored and there is a high possibility that engineers recognize unauthorized login attempts or unusual behavior quickly. A typical end user account does not have the privileges or capabilities to do much damage, but a privileged account does. Once an attacker completes a successful initial breach, the next thing they are looking to do is to get their hands on the privileged account.
If they start to mess around in an ...