AD Hardening Workshop: Blueprint
RCCE students will learn Active Directory security including AD architecture, authentication protocols (Kerberos, NTLM), group policy security, trust relationships, privilege escalation paths, and AD attack detection. RCCE students will learn to assess Active Directory environments for security weaknesses, identify misconfigured permissions, detect Kerberoasting, AS-REP roasting, DCSync, Golden Ticket, and Silver Ticket attacks, implement tiered administration models, configure AD security monitoring with Windows event logs, harden group policy configurations, clean up stale accounts and excessive permissions, and respond to AD compromise with containment and recovery procedures. This hands-on hardening course focuses on reducing attack surface through practical configuration changes and security guardrails. At an expert level, RCCE students will learn to apply hardening baselines, validate configurations, and measure the security improvement achieved. Students walk away with actionable hardening checklists and the skills to maintain hardened configurations as environments evolve.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing AD Hardening Workshop: Blueprint
- Execute hands-on tasks for active directory security assessment, hardening & defense
- Explain Course Overview & Objectives fundamentals
- Execute hands-on tasks for core objectives — covering AD environments for weaknesses.
- Execute hands-on tasks for operational outcomes — covering AD security monitoring.
- Execute hands-on tasks for module details — covering Domain: Identity & Access Management.
- Execute hands-on tasks for topic map: 20 subtopics
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for trust relationships
- Execute hands-on tasks for attack paths + protection patterns
- Execute hands-on tasks for authentication protocols
- Execute hands-on tasks for privilege escalation paths
- Monitor and audit privilege usage; detect escalation attempts
| Module 01 | Active Directory Security Assessment, Hardening & Defense |
| Module 02 | Course Overview & Objectives |
| Module 03 | Core Objectives |
| Module 04 | Operational Outcomes |
| Module 05 | Module Details |
| Module 06 | Topic Map: 20 Subtopics |
| Module 07 | AD Architecture & Components |
| Module 08 | Trust Relationships |
| Module 09 | Attack Paths + Protection Patterns |
| Module 10 | Authentication Protocols |
| Module 11 | Privilege Escalation Paths |
| Module 12 | Detection Signals & Telemetry |
| Module 13 | Stale Account & Permission |
| Module 14 | Structural Components |
All hands-on labs run on Rocheston Rose X OS. Students practice ad hardening workshop: blueprint by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for active directory security assessment, hardening & defense
- Lab 2: Explain Course Overview & Objectives fundamentals
- Lab 3: Execute hands-on tasks for core objectives
- Lab 4: Execute hands-on tasks for operational outcomes
- Lab 5: Execute hands-on tasks for module details
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for AD Hardening Workshop: Blueprint, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI