After this lesson, you will be able to: Understand what Active Directory is (domains, forests, trusts, OUs, GPOs), why it is in almost every enterprise, and why it is a primary target in real breaches.
Active Directory is the identity backbone of nearly every enterprise, and compromising it usually means owning the whole network. This subtrack covers AD structure, Kerberos and NTLM authentication, the common attack techniques, BloodHound attack-path mapping, and AD defense, with a lab AD environment.
Active Directory is Microsoft's directory service for managing users, computers, and resources in a Windows network. A domain is an administrative boundary of users and machines; a forest is one or more domains sharing a schema; trusts let domains share access; organizational units (OUs) group objects for management; and Group Policy Objects (GPOs) push configuration and security settings across the domain. Understanding this structure is the prerequisite for everything that follows.
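To see how these pieces appear in a live directory, the following read-only inventory walks a forest and lists its domains, trusts, OUs, and the GPOs linked to each OU. It is an added example, not part of the original lesson; it assumes a domain-joined session with the RSAT ActiveDirectory and GroupPolicy modules installed and ordinary read access to the directory.

```powershell
# Added example: read-only inventory of forest -> domains -> trusts -> OUs -> linked GPOs.
# Assumption: RSAT ActiveDirectory and GroupPolicy modules are available.
Import-Module ActiveDirectory, GroupPolicy

$forest = Get-ADForest
"Forest: $($forest.Name)  (root domain: $($forest.RootDomain), schema master: $($forest.SchemaMaster))"

foreach ($dns in $forest.Domains) {
    $domain = Get-ADDomain -Server $dns
    "Domain: $($domain.DNSRoot)  (mode: $($domain.DomainMode))"

    # Trusts: where this domain's authentication boundary extends to other domains.
    Get-ADTrust -Filter * -Server $dns | ForEach-Object {
        "  Trust -> $($_.Name)  direction=$($_.Direction)  intraForest=$($_.IntraForest)  " +
        "forestTransitive=$($_.ForestTransitive)  sidQuarantine=$($_.SIDFilteringQuarantined)"
    }

    # Build a GUID -> display name map once per domain so GPO links can be named.
    $gpoNames = @{}
    Get-GPO -All -Domain $dns | ForEach-Object { $gpoNames[$_.Id.ToString()] = $_.DisplayName }

    # OUs and the GPOs linked to each one (links are stored as DNs containing the GPO GUID).
    Get-ADOrganizationalUnit -Filter * -Server $dns | Sort-Object DistinguishedName | ForEach-Object {
        $linked = foreach ($link in $_.LinkedGroupPolicyObjects) {
            if ($link -match '\{([0-9a-fA-F-]{36})\}') {
                $id = $Matches[1].ToLower()
                if ($gpoNames.ContainsKey($id)) { $gpoNames[$id] } else { "unknown GPO $id" }
            }
        }
        "  OU: $($_.DistinguishedName)"
        "      GPOs linked: $(if ($linked) { $linked -join ', ' } else { 'none' })"
    }
}
```

Keeping a dated copy of this output gives a baseline to diff against when reviewing new trusts or GPO links.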
Because AD controls authentication and authorization across the enterprise, an attacker who reaches Domain Admin effectively controls every machine and account. Real intrusions almost always pivot through AD: phish a user, escalate, move laterally, and achieve domain dominance. That is why AD attack and defense is one of the most valuable skill sets in cybersecurity, and why this subtrack covers both sides.