6. Result Example of AD Risk
Assessment for Company X
Disable booting from alternative OS
Upgrade to higher domain and forest functional level
Create secondary DC
Create computer-based OU
Limit & control high privilege domain accounts
Utilize the use of restricted groups
Separate account for administrators
Implement secure password policies
Implement secure account lockout policies
Perform regular AD backup
Automatic patch management system
Perform regular vulnerability assessment
Uninstall unnecessary ports and services
Create AD documentation
Upgrade to secure protocols