As stated previously you will learn how to be an active directory penetration tester in this course. So what is penetration testing? Sometimes called a lost art for many. It requires a deep understanding of operating systems like Windows or Linux. A solid grasp of communication protocols that we use every day on the internet. Besides that you need to have broad understanding of the different stages of a actual penetration test.
During a Penetration test you are simulating a cyber attack on computer systems. You will also perform a Vulnerability Assessment to check if the target systems contain any weak spots or miss-configuration that needs to be patched.
For the auditing of these systems there are various frameworks and methodologies we got utilize to perform our penetration test:
For Penetration test there are special distributions that aid the testing process and include many security assessment tools:
For ease of use we have few models we learn from. The first one I am going describe is the MITRE Attack Framework. This framework explains how adversaries gain access to privileged systems and how they operate within a network. The stages of the Attack Matrix for an Enterprise are
Website of MITRE:
https://attack.mitre.org
Another common framework is what we call the Cyber Kill Chain invented by Lockheed Martin. They both cover 7 different phases or stages every cyber attack will go through. These are:
Website of Lockheed Martin:
https://www.lockheedmartin.com/en-us/capabilities/cyber/cyber-kill-chain.html