The Room: “To learn basic concepts regarding Active Directory attacks and mitigation measures.”
https://tryhackme.com/room/activedirectoryhardening
Task 2: Understanding General Active Directory Concepts
2.1. What is the root domain in the attached AD machine?

tryhackme.loc
Task 3: Securing Authentication Methods
3.2. What is the default minimum password length (number of characters) in the attached VM?

7
Task 4: Implementing Least Privilege Model
4.1. Computers and Printers must be added to Tier 0 – yea/nay?
nay
4.2. Suppose a vendor arrives at your facility for a 2-week duration task. Being a System Administrator, you should create a high privilege account for him – yea/nay?
nay
Task 5: Microsoft Security Compliance Toolkit
5.1. Find and open BaselineLocalInstall script in PowerShell editor – Can you find the flag?

THM{00001}
5.2. Find and open MergePolicyRule script (Policy Analyser) in PowerShell editor – Can you find the flag?

{THM00191}
Task 6: Protecting Against Known Attacks
6.1. Does Kerberoasting utilise an offline-attack scheme for cracking encrypted passwords – yea/nay?
yea
6.2. As per the generated report, how many users have the same password as aaron.booth?

186