Hacking & Defending Active Directory
- • Jun 26, 2026 · Live Remote Online
- • Jul 24, 2026 · Live Remote Online
- • Sep 18, 2026 · Live Remote Online
- • Oct 16, 2026 · Live Remote Online
- • Dec 11, 2026 · Live Remote Online
Contact IT Dojo for current pricing, available dates, and a custom quote tailored to your team or organization.
Course Duration
1 day
Audience
Employees of federal, state and local governments; and businesses working with the government.
Prerequisites
Basic knowledge of computers and networking is recommended. CompTIA A+/Network+ equivalent knowledge or completion of the free Practical Help Desk course in TCM Security Academy will prepare you for this class.
Course Description
One of the most common tools to structure and organize users and computers in a business environment is Microsoft's Active Directory. However, Active Directory also happens to be one of the most exploited tools that hackers utilize to gain access to corporate networks. This live Active Directory training class will not only teach you the most common exploits hackers use to break into networks, it will also teach you the steps that you need to take to remediate and patch these exploits. You will gain practical skills and knowledge that can be immediately applied to secure your environment.
Learning Objectives
- Understand the structure and components of Active Directory, including both physical and logical elements
- Identify and defend against common pre-compromise Active Directory attacks such as LLMNR poisoning, SMB relay, IPv6 spoofing, AS-REP roasting, and passback attacks
- Use key post-compromise enumeration tools (e.g., BloodHound, PingCastle) to assess AD environments and recognize common administrative misconfigurations
- Analyze and defend against post-compromise attacks including Kerberoasting, token impersonation, credential dumping, and persistence techniques
- Adopt an attacker's mindset to better anticipate and mitigate real-world AD exploitation tactics
- Apply lessons from real penetration test case studies to strengthen Active Directory security posture
Course Outline
Active Directory Overview
- What is Active Directory?
- Physical Active Directory Components
- Logical Active Directory Components
Pre-Compromise AD Attacks and Defenses
- LLMNR Poisoning Attacks and Defenses
- SMB Relay Attacks and Defenses
- IPv6 Attacks and Defenses
- AS-REP Roasting Attacks and Defenses
- Passback Attacks and Defenses
- Inside the Attacker's Mindset
Post-Compromise AD Enumeration
- Common enumeration tools: BloodHound, Plumhound, PingCastle, ldapdomaindump, and more
- Understanding common mistakes from an Administrator's perspective
Post-Compromise AD Attacks and Defenses
- Pass Attacks and Defenses
- Kerberoasting Attacks and Defenses
- Token Impersonation Attacks and Defenses
- URL File Attacks and Defenses
- GPP Attacks and Defenses
- Credential Dumping Attacks and Defenses
- Persistence Attacks and Defenses
AD Case Studies
- Real case studies from real penetration tests
Frequently Asked Questions
What does the Hacking & Defending Active Directory course cover?
One of the most common tools to structure and organize users and computers in a business environment is Microsoft's Active Directory. However, Active Directory also happens to be one of the most exploited tools that hackers utilize to gain access to corporate networks. IT Dojo delivers it as live instructor-led training for government and business professionals.
How long is IT Dojo's Hacking & Defending Active Directory training?
Hacking & Defending Active Directory is a 1 day course. It is available as live remote online instruction or on-site at your facility.
Is this course available as live remote online training?
Yes. IT Dojo offers Hacking & Defending Active Directory as live remote online training led in real time by a certified instructor. On-site delivery at your government facility or contractor location is also available.
Who should attend this course?
Security professionals, network administrators, and penetration testers who need to understand and defend against Active Directory exploitation in enterprise environments.
Does IT Dojo offer this training on-site at government or DoD facilities?
Yes. IT Dojo delivers Hacking & Defending Active Directory on-site at government agencies, DoD commands, military installations, and contractor facilities. On-site training is ideal for teams and can be customized to your organization's workflows. Contact IT Dojo to schedule.
How do I register for this course?
IT Dojo training is employer sponsored. Your organization registers and pays for seats. To schedule Hacking & Defending Active Directory for your team, contact IT Dojo via the Request Training form or call 757-216-3656.