This is a 100-level presentation that provides a penetration tester background on the basic security architecture and physical / logical components of Microsoft Active Directory. It describes the protocols and services that Active Directory provides and explains how Windows clients interact with Group Policy to provide centralized security policy and operating system configuration management. This presentation assumes familiarity with the Windows security model but does not assume any familiarity with Active Directory.

Evan Anderson has worked in IT as a contract engineer since 1998. Presently he is a partner in Wellbury Information Services LLC of Dayton, OH, and provides network design, implementation, and system administration services to a variety of clients ranging from small business to Fortune 1000. He has performed reviews of network security architectures, application and network penetration testing, and delivered infosec-related training for clients in financial, medical, and public policy sectors.

Big thanks to Damian Profancik for recording these.

Back to Derbycon 2012 video list