Skillplan AD Checklist
2026-05-20 16:34
AD
Security Checklist
de
en
fr
it
System Online
← Back to sections
Mitigation Controls · Section 15 of 17
Mitigating a one-way domain trust bypass
Assessment Progress
0
/ 95 items
0%
Fulfillment so far
0
/ 0 controls
0%
Explain this attack
Limit access to Domain Controllers to only privileged users that require access.
Not Fulfilled
Fulfilled
Accepted
Restrict privileged access pathways to Domain Controllers to jump servers and secure admin workstations using only the ports and services that are required for administration.
Not Fulfilled
Fulfilled
Accepted
Encrypt and securely store backups of Domain Controllers and limit access to only Backup Administrators.
Not Fulfilled
Fulfilled
Accepted
Only use Domain Controllers for AD DS and do not install any non-security-related services or applications.
Not Fulfilled
Fulfilled
Accepted
Centrally log and analyse Domain Controller logs in a timely manner to identify malicious activity.
Not Fulfilled
Fulfilled
Accepted
Disable the Print Spooler service on Domain Controllers.
Not Fulfilled
Fulfilled
Accepted
Save and Continue →
