How secure is your
Active Directory?

Take a quick survey
to find out!

Start survey

Your result

Oops!

Your Active Directory is prone to attacks! We strongly recommend you tighten your security as soon as possible.

Click here to check your strengths and areas that need improvement.

Download ManageEngine's Log360 for free to get real-time alerts, custom reports, user and entity behavior analytics, and so much more.

Download Log360 for free

Your result

Good job,

but there are some loose ends that can endanger your Active Directory!

Click here to check your strengths and areas that need improvement.

To get real-time alerts during possible attacks, download ManageEngine's Log360 for free. From customizable reports to user and entity behavior analytics, Log360 can assist you in hardening your defenses.

Download Log360 for free

Your result

Congratulations!

Your organization follows some of the best practices to keep Active Directory safe from attackers. However, no safety practice is foolproof.

To strengthen your Active Directory's security, give ManageEngine's Log360 a try. It gives you customizable reports, real-time alerts, user and entity behavior analytics, and much more. Download for free now!

Download Log360 for free

Almost there...

You're just one step away

from knowing how strong your organization's security is!

Please enter a valid Business Email

By clicking 'View results now!', you agree to our Privacy Policy.

Our analysis

Based on your responses, we have analyzed your strengths as well as areas that need improvement.

Strengths:

Privileged account management
Automate stale account management
Group membership management
Network security
Delegated tasks management
Domain admin account management
Local admin password management

Ways to improve:

Provide sufficient training to all the employees, follow the principle of least privilege, and get real-time alerts when there's a security breach
Enforce multi-factor authentication for domain users
Implement user and entity behavior analytics

Download Log360 for free

AD Security Hardening Survey

How often are user account privileges reviewed in your organization?

a. Every 6 months or less
b. Between six and 12 months
c. More than 12 months
d. When an employee changes roles
e. In the event of a security breach
f. Never

How do you identify and disable stale accounts in your organization?

a. We manually disable the user accounts of employees who leave the organization.
b. We routinely run PowerShell scripts to identify stale accounts.
c. We routinely check for stale accounts using Active Directory Users and Computers.
d. We disable stale accounts through an automated process.
e. We do not check for stale accounts unless there is a security breach.

How do you track users' group memberships from time-to-time?

a. PowerShell
b. Active Directory Users and Computers
c. An Active Directory auditing solution.
d. Our strong team of Active Directory specialists remembers the group memberships of every user account.
e. We do not track the group memberships of users unless there is a problem.

What authentication protocol does your IT environment use?

a. Kerberos
b. NTLM
c. NTLMv2
d. LANMAN

What special privileges do help desk admins in your organization have?

a. Only unlock accounts and reset passwords
b. Only create new user accounts
c. Unlock accounts, reset passwords, and create new user accounts
d. View sensitive data, unlock accounts, reset passwords, and create new user accounts
e. Modify sensitive data, unlock accounts, reset passwords, and create new user accounts

What functions does the domain admin perform using the domain admin credentials?

a. Browse the web, check business emails, unlock accounts, create new users, assign user rights, edit access control permissions
b. Check business emails, unlock accounts, create new users, assign user rights, edit access control permissions
c. Unlock accounts, create new users, assign user rights, edit access control permissions
d. Create new users, assign user rights, edit access control permissions
e. Assign user rights, edit access control permissions

How do you manage the local admin passwords in your Active Directory?

a. All the local admin accounts have the same password.
b. All the local admin account passwords are manually changed and unique.
c. The schema is extended and Microsoft's Local Administrator Password Solution (LAPS) is used.
d. We use an AD auditing solution for privileged identity management.

What steps does your organization take to reduce the chance of an Active Directory security breach? Please choose the option that is most appropriate.

a. Provide training to all employees to spread awareness about different types of security attacks and how to prevent them.
b. Follow the principle of least privilege by providing minimum access to data on the network to employees to perform their day-to-day tasks efficiently.
c. An AD auditing solution detects and alerts the IT team in real-time in the event of an attack
d. (a), (b), and (c)
e. (a) and (b) only
f. (b) and (c) only

Is multi-factor authentication (MFA) enforced in your organization?

a. No
b. Yes, for privileged accounts
c. Yes, for all accounts

How do you monitor anomalous user activities (logon, logoff, access to sensitive data, remote activity, printing files, plugging in data storage devices, etc.)?

a. We never allow remote access.
b. We lock down our office during non-business hours.
c. Anomalous user behavior is automatically tracked using a user behavior analytics (UBA) tool.
d. Our IT team routinely uses PowerShell and native Active Directory to identify anomalous user activity.
e. We do not monitor anomalous user activity.

01/10

How secure is your Active Directory?

Take a quick survey to find out!

Your result

Oops!

Your result

Good job,

Your result

Congratulations!

Almost there...

You're just one step away

Our analysis

Strengths:

Ways to improve:

AD Security Hardening Survey

How secure is your
Active Directory?

Take a quick survey
to find out!