Active Directory Security Assessment Results

1. Active Directory Security Assessment Results Click here to view in Azure Log Analytics

2. Executive Summary 1. What went well: 82% Passed • Operations and Monitoring 2. What needs Improvement: • Security and Compliance 3. Highest Priority Recommendations: • Remove security principals / users from the Administrators group

3. Security and Compliance • Highest Priority Recommendations • Remove security principals / users from the Administrators group Remove security principals / users from the Domain Admins group Remove security principals / users from the Enterprise Admins group Configure administrative accounts for password expiry Configure and Enforce the Setting "Windows Firewall: Domain: Firewall state" via GPO Enable and Enforce the Setting "Turn off Autoplay" via GPO Set minimum password length in domain password policy to recommended value Migrate unsupported Windows operating systems to a currently supported release Configure and Enforce the Setting "Windows Firewall: Public: Firewall state" via GPO Clear the property of user accounts allowing them to have blank passwords 81% Passed

4. Operations and Monitoring • Highest Priority Recommendations • Review summary information of Operating System versions found in the Active Directory 98% Passed