Abdurrahman Pektas and Ertugrul Basaranoglu,
Galatasaray University, Turkey
ABSTRACT
Today, with the advancement of information technology, companies need to use many technologies,
platforms, systems and applications to effectively maintain their daily operations. This technology
dependence has created a serious complexity in the business network which increases the attack surface
and attracts cyber criminal’s attention. As a result, the number of cyber-attacks targeting corporate
environment is dramatically increased. To identify security holes in a network, penetration tests are
performed by internal sources (employees) and external sources (outsource companies or third parties).
Microsoft domain penetration testing,is one of the most important scopes of penetration testing, which
aims to expose the weaknesses in Microsoft domain environment. If the domain environment is not
structured securely, it can be abused by attackers and causes serious damage to the organization. In this
study, we present a penetration methodology for Windows domain environment called MSDEPTM
providing key metrics for Microsoft domain penetration testing. More specifically, the fundamental steps of
the attack vectors from the hacker point of view, root causes of these attacks, and countermeasures against
the attacks are discussed.
KEYWORDS
Penetration testing, Microsoft domain environment, securing Windows, information security, vulnerability
assessment
For More Details:http://aircconline.com/ijnsa/V9N6/9617ijnsa02.pdf
No comments:
Post a Comment