Securing and Auditing Windows Active Directory Domains - ASO402


This course focuses on developing an audit program, how to obtain Active Directory data using PowerShell scripts, items to look for in the output, ways to protect against attacks, and storing samples of the output as evidence of security protocols.


Tuition cost


NASBA Certified CPE

32 Credits


Why you should attend

You should attend because organizations increasingly rely on Active Directory and auditors must know how to collect data about the relevant objects and attributes, analyze them and report on that information.

Who should attend

System and Security Administrators; Information Security Managers and Analysts; Network Administrators; Security Architects; Information Technology Auditors and Consultants

What You'll learn

You will learn how to effectively audit Active Directory using VMware workstations and Windows Domain Controllers and Workstations.


A working knowledge of Windows Server, Windows 7, Excel and VMware Workstation is helpful, but not mandatory.

Windows and Windows Networks

Active Directory Basics

Users and Groups

Active Directory Password Policies

Active Directory Folder Rights

Active Directory Delegation

Compliance Manager and Group Policy

User Rights and Event Viewer

Hardening Active Directory

Active Directory Case Study



Windows and Windows Networks:

Windows Operating Systems and Versions.

Windows Patches

Windows Server Builds



Auditing Active Directory Core Components:

Domains, Trees and Forests

Active Directory Structure

Active Directory Sites and Services

Domain Controllers


Time Configuration

Active Directory Domains and Trusts

Active Directory Federation Services

Active Directory Certification Authority

Auditing Active Directory Users:

User Accounts

Windows Services

Active Directory Administrative Center

Active Directory Recycle Bin

Authentication Policies

Authentication Policy Silos

Auditing Active Directory Groups:

Group Types

Access Control Lists

Auditing Domain Groups

Authentication and Auditing Protecting Policies

Security Identifiers (SIDs)


Password Attack Techniques

Protecting Passwords

Password Policies

Fine Grained Password Policies

Active Directory Folder Rights:

Share Permissions

NTFS Permissions


Folder structure and permissions

Drive mappings

Best Practices

Identify sensitive folders

Active Directory Delegation:

Reasons to Delegate the Administration of Active Directory

Active Directory Administration Delegation

Audit Active Directory Delegation

Kerberos Unconstrained Delegation

Security Compliance Manager and Group Policy:

Microsoft Security Assessment Tool 4.0

Retina Network Vulnerability Community Scanner

Microsoft Security Compliance Toolkit 1.0

Group Policy

Auditing User Rights and Event Viewer:

Auditing User Rights

Event Viewer

Hardening Active Directory:

Password Policies

Patch Management

Upgrade Domain Controllers to Windows Server 2016/2019

Multifactor authentication

Authentication Policy Silos

Silo your Network

Audit Administration Account Use

Limit Membership of Schema Admins and Enterprise Admins Groups.

Use Separate Administrative Accounts

Continuous Monitoring

End User Training

Active Directory Case Study


Schedule your course

Use the table below to select the time and location that works best for you.

Timezone: America/New_York

October 2021

Oct 18th, 2021-Oct 21st, 2021

ACI Learning is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: