Active Directory infrastructure security is a broad topic to cover in one chapter. Active Directory security is not just dependent on AD DS; it is related to every layer in the OSI 7-layer model. In the beginning of the chapter, I explained Kerberos authentication and what exactly happens behind the scene when a user tries to access a resource in the Active Directory environment. Then, we moved on to delegated permission control, and there, we learned how we can delegate permissions to users to do specific administrative tasks. After that, we moved to a new section, where I explained pass-the-hash attacks.

Microsoft has introduced new tools and features that can be used to prevent pass-the-hash attacks. The Protected User security group, restricted RDP mode, authentication policies, and authentication policy silos are some of those. In this chapter, you learned how these tools work and how we can implement them in the AD environment. Then, we moved on to JIT and JEA. Both technologies can be used to manage privileges in an effective, secure manner.

In the next chapter, we will look into AD management with PowerShell. JEA implementation will also be covered as a part of it.