Appendices

  • Article

 

Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Server 2012 R2, Windows Server 2012

Appendices are included in this document to augment the information contained in the body of the document. The list of appendices and a brief description of each in included the following table.

Appendix

Description

Appendix A: Patch and Vulnerability Management Software

Contains a list of companies that produce patch and vulnerability management software.

Appendix B: Privileged Accounts and Groups in Active Directory

Provides background information that helps you to identify the users and groups you should focus on securing because they can be leveraged by attackers to compromise and even destroy your Active Directory installation.

Appendix C: Protected Accounts and Groups in Active Directory

Contains information about protected groups in Active Directory. It also contains information for limited customization (removal) of groups that are considered protected groups and are affected by AdminSDHolder and SDProp.

Appendix D: Securing Built-In Administrator Accounts in Active Directory

Contains guidelines to help secure the Administrator account in each domain in the forest.

Appendix E: Securing Enterprise Admins Groups in Active Directory

Contains guidelines to help secure the Enterprise Admins group in the forest.

Appendix F: Securing Domain Admins Groups in Active Directory

Contains guidelines to help secure the Domain Admins group in each domain in the forest.

Appendix G: Securing Administrators Groups in Active Directory

Contains guidelines to help secure the Built-in Administrators group in each domain in the forest.

Appendix H: Securing Local Administrator Accounts and Groups

Contains guidelines to help secure local Administrator accounts and Administrators groups on domain-joined servers and workstations.

Appendix I: Creating Management Accounts for Protected Accounts and Groups in Active Directory

Provides information to create accounts that have limited privileges and can be stringently controlled, but can be used to populate privileged groups in Active Directory when temporary elevation is required.

Appendix J: Third-Party RBAC Vendors

Contains a list of third-party RBAC vendors and the RBAC solutions they offer.

Appendix K: Third-Party PIM Vendors

Contains a list of third-party PIM vendors and the PIM solutions they offer.

Appendix L: Events to Monitor

Lists events for which you should monitor in your environment.

Appendix M: Document Links and Recommended Reading

Contains a list of recommended reading. Also contains a list of links to external documents and their URLs so that readers of hard copies of this document can access this information.