Assignment:
1. Windows local and Domain accounts that are targets for credential theft and their purpose
2. Unix accounts that are targets for credential theft and their purpose
3. Based on your account plan and the privileges you would delegate to those accounts, implement that plan in your active directory lab environment. Create the user accounts and groups necessary for that plan and then delegate the permissions
4. Write a detailed plan for turning your Windows 10 host in the lab environment into a secure administrative host.
5. Are domain controllers, virtual and physical, inherently secure?
6. Why would an attacker target a domain controller first when there may be other targets such as databases, web servers, file servers, etc.?
7. What can one do to further enhance the security for domain controllers?
8. Based on your suggestions for enhancing the security of domain controllers above, write a brief plan for securing the domain controller in your lab environment, bullet points are fine.
9. Now implement the plan on both domain controllers in the lab. Be cognizant of how these controls may affect the remote access you need.
10. Discuss why log monitoring in your Windows domain is such an important part of any security program?
11. Discuss the top 10 audit/event logs that you should be monitoring for on your domain controllers
12. Discuss the top 10 audit/event logs that you should be monitoring for on your workstations
13. What type of system should you be sending your logs to?
14. Explain to me what the LAMP stack is and what each member of the stack is used for.