Skillplan AD Checklist
2026-05-20 16:32
AD
Security Checklist
Mitigation Controls · Section 2 of 17
Mitigating Password Spraying
Create long (30-character minimum), unique, unpredictable and managed passwords for local administrator accounts, service accounts, and break glass accounts.
Create passwords for single-factor authentication with at least four random words and a total minimum length of 15 characters.
Lock out user objects, except for break glass accounts, after a maximum of five failed logon attempts.
Ensure passwords created for user objects are randomly generated.
Configure the built-in 'Administrator' domain account as sensitive to ensure it cannot be delegated.
Scan networks at least monthly to identify any credentials that are being stored in the clear.
Disable the NTLM protocol.