Forensics: Active Directory ACL investigation

A Couple of Sensitive Spots Active Directory are full of delegated rights and permissions that grant privileges to security principals (User, Group Managed Service Account, Group and Computer Objects). Some permissions are more sensitive than others and should be kept only for privileged accounts such as for Tier 0 administrators (Read about the credential tier model…

13