Skillplan AD Checklist
2026-05-20 16:32
AD
Security Checklist
de
en
fr
it
System Online
← Back to sections
Mitigation Controls · Section 17 of 17
Mitigating Skeleton Key
Assessment Progress
0
/ 95 items
0%
Fulfillment so far
0
/ 0 controls
0%
Explain this attack
Limit access to Domain Controllers to only privileged users that require access.
Not Fulfilled
Fulfilled
Accepted
Restrict privileged access pathways to Domain Controllers to jump servers and secure admin workstations using only the ports and services that are required for administration.
Not Fulfilled
Fulfilled
Accepted
Run the LSASS process in protected mode.
Not Fulfilled
Fulfilled
Accepted
Implement Microsoft's vulnerable driver blocklist.
Not Fulfilled
Fulfilled
Accepted
Restrict driver execution to an approved set.
Not Fulfilled
Fulfilled
Accepted
Only use Domain Controllers for AD DS and do not install any non-security-related services or applications.
Not Fulfilled
Fulfilled
Accepted
Centrally log and analyse Domain Controller logs in a timely manner to identify malicious activity.
Not Fulfilled
Fulfilled
Accepted
Disable the Print Spooler service on Domain Controllers.
Not Fulfilled
Fulfilled
Accepted
Save and Continue →
