International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)

Webpage URL: https://airccse.org/journal/ijnsa.html

Practical Approach for Securing Windows Environment : Attack Vectors and Countermeasures

Abdurrahman Pektas and Ertugrul Basaranoglu, Galatasaray University, Turkey

Abstract

Today, with the advancement of information technology, companies need to use many technologies, platforms, systems and applications to effectively maintain their daily operations. This technology dependence has created a serious complexity in the business network which increases the attack surface and attracts cyber criminal’s attention. As a result, the number of cyber-attacks targeting corporate environment is dramatically increased. To identify security holes in a network, penetration tests are performed by internal sources (employees) and external sources (outsource companies or third parties). Microsoft domain penetration testing,is one of the most important scopes of penetration testing, which aims to expose the weaknesses in Microsoft domain environment. If the domain environment is not structured securely, it can be abused by attackers and causes serious damage to the organization. In this study, we present a penetration methodology for Windows domain environment called MSDEPTM providing key metrics for Microsoft domain penetration testing. More specifically, the fundamental steps of the attack vectors from the hacker point of view, root causes of these attacks, and countermeasures against the attacks are discussed.

Keywords

Penetration testing, Microsoft domain environment, securing Windows, information security, vulnerability assessment

Original Source URL: https://aircconline.com/ijnsa/V9N6/9617ijnsa02.pdf

Volume URL: https://airccse.org/journal/jnsa17_current.html