Download presentation
Presentation is loading. Please wait.
Published byElinor Lyons Modified over 8 years ago
1
Restricted Admin & Credential Exposure MMS Minnesota 2014 Hasain Alshakarti – TrueSec Enterprise Security MVP @Alshakarti #MMSMinnesota #MMSConfigMgr #MMSLove
2
Pass-the-Hash (PtH) & Other Credential Theft Pass the Hash NT Hash SAM/AD LSASS “Pass The Dutchie” NTLM Reflection attack Kerberos Golden Ticket
3
Network Isolation & Dynamic Segmentation Windows Firewall with Advanced Security Authentication & Integrity Identity Aware Access MMS Minnesota 2014
4
Authentication Smart Card Logon NT Hash present Virtual Smart Card Authentication Mechanism Assurance Smart Card Logon Dynamic Security Group (Just in Time) Protected Users No Cache of “Fresh Credentials” Authentication Policies & Silos Kerberos Restrictions MMS Minnesota 2014
5
Remote Desktop RDP + TLS security RD Gateway TLS tunneling Authorization Audit Restricted Admin Mode Mitigate Pass-the-Hash
6
Powershell Remoting “Just Enough Admin” Restricted Endpoints MMS Minnesota 2014
7
Evaluations Please provide session feedback by clicking the Eval button in the scheduler app. One lucky winner will get a free ticket to the next MMS! Visit all of our sponsors in the expo area and online! Platinum Sponsors: Gold Sponsors : MMS Minnesota 2014 Hasain Alshakarti – TrueSec
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.