Description
Duration: 1 day
Active Directory is widely used to manage users and computers in enterprise environments, but it is also a frequent target for attackers seeking to penetrate corporate networks. This instructor-led course covers the techniques attackers commonly use to exploit Active Directory, as well as the steps needed to remediate those vulnerabilities. Students will work through both offensive and defensive concepts, building hands-on skills they can apply directly to their own environments.
Target Audience
- System Administrators and IT Professionals
- Network Engineers and Administrators
- Organizations that need their teams to develop strong Active Directory security skills to defend against cyber threats
- Aspiring Penetration Testers and Cybersecurity Professionals
- Individuals seeking additional support while preparing for the PJPT exam
- Anyone looking to deepen their knowledge, skills, and methodologies in this area
Prerequisites
- This is a beginner-level course. Students should have a basic understanding of computers and networking, equivalent to CompTIA A+/Net+ knowledge. The free Practical Help Desk course on TCM Security Academy is also sufficient preparation.
What’s included?
- Authorized Courseware
- Intensive Hands on Skills Development with an Experienced Subject Matter Expert
- Hands on practice on real Servers and extended lab support 1.800.482.3172
- Examination Vouchers & Onsite Certification Testing – (excluding Adobe and PMP Boot Camps)
- Academy Code of Honor: Test Pass Guarantee
- Optional: Package for Hotel Accommodations, Lunch and Transportation
With several convenient training delivery methods offered, The Code Academy makes getting the training you need easy. Whether you prefer to learn in a classroom or an online live learning virtual environment, training videos hosted online, and private group classes hosted at your site. We offer expert instruction to individuals, government agencies, non-profits, and corporations. Our live classes, on-sites, and online training videos all feature certified instructors who teach a detailed curriculum and share their expertise and insights with trainees. No matter how you prefer to receive the training, you can count on The Code Academy for an engaging and effective learning experience.
Methods
- Instructor Led (the best training format we offer)
- Live Online Classroom – Online Instructor Led
- Self-Paced Video
Speak to an Admissions Representative for complete details
| Start | Finish | Public Price | Public Enroll | Private Price | Private Enroll |
|---|---|---|---|---|---|
| 5/25/2026 | 5/25/2026 | ||||
| 6/15/2026 | 6/15/2026 | ||||
| 7/6/2026 | 7/6/2026 | ||||
| 7/27/2026 | 7/27/2026 | ||||
| 8/17/2026 | 8/17/2026 | ||||
| 9/7/2026 | 9/7/2026 | ||||
| 9/28/2026 | 9/28/2026 | ||||
| 10/19/2026 | 10/19/2026 | ||||
| 11/9/2026 | 11/9/2026 | ||||
| 11/30/2026 | 11/30/2026 | ||||
| 12/21/2026 | 12/21/2026 | ||||
| 1/11/2027 | 1/11/2027 | ||||
| 2/1/2027 | 2/1/2027 | ||||
| 2/22/2027 | 2/22/2027 | ||||
| 3/15/2027 | 3/15/2027 | ||||
| 4/5/2027 | 4/5/2027 | ||||
| 4/26/2027 | 4/26/2027 |
Learning Objectives
- Understand the structure and components of Active Directory, including both physical and logical elements
- Identify and defend against common pre-compromise Active Directory attacks, including LLMNR poisoning, SMB relay, IPv6 spoofing, AS-REP roasting, and passback attacks
- Use post-compromise enumeration tools such as BloodHound and PingCastle to assess Active Directory environments and identify common administrative misconfigurations
- Analyze and defend against post-compromise attacks including Kerberoasting, token impersonation, credential dumping, and persistence techniques
- Develop an attacker’s mindset to better anticipate and counter real-world Active Directory exploitation tactics
- Draw on penetration test case studies to identify lessons that can be applied to strengthen Active Directory security
Course Outline
Module 1: Active Directory Fundamentals
An introduction to Active Directory covering its purpose, physical components (sites, domain controllers, and subnets), and logical components (domains, trees, forests, OUs, and trusts).
Module 2: Pre-Compromise Attacks and Defenses
Covers attacks that can be carried out before an attacker has valid credentials, including LLMNR Poisoning, SMB Relay, IPv6 attacks, AS-REP Roasting, and Passback attacks. Each attack is paired with defensive guidance, and the module introduces the attacker’s mindset.
Module 3: Post-Compromise Enumeration
Examines tools used to enumerate an Active Directory environment after initial access is gained, including BloodHound, Plumhound, PingCastle, and ldapdomaindump, with a focus on identifying common misconfigurations from an administrative perspective.
Module 4: Post-Compromise Attacks and Defenses
Covers attacks executed after establishing an initial foothold, including Pass attacks, Kerberoasting, Token Impersonation, URL File attacks, GPP attacks, Credential Dumping, and Persistence techniques. Each topic includes corresponding defensive countermeasures, and the attacker’s mindset is revisited.
Module 5: Active Directory Case Studies
Reviews real-world scenarios based on actual penetration tests to illustrate how Active Directory weaknesses have led to organizational compromises and what those examples reveal about improving security posture.
