Job Description :
Remediate Current Security Assessment Flaws

o Step 1 (1-3 Months) Resolve Critical Findings

o Review and adjust patch cycle for AD

o Develop an Incident Response plan

o Create and apply a Fine-grained Password Policy to all highly-privileged accounts Secure Sysvol

o Resolve FRS Journal Wrap

o Step 2 (3-6 Months) Resolve High Level Findings

o Log and alert on Domain Admin usage, creation, and DC logins/access

o Monitoring of admin accounts logins and membership changes

o Update and apply a Fine-grained Password Policy to user accounts
Cleanup Sysvol –remove executables

o Disable GPO policies that allow for interactive logons

o Step 3 (6-9 Months) Resolve all Medium Level findings

o User and admin education

o Secure ‘Branch Office’ hosting platform and baseline

o Document and publish Operational/Support and Delegation Models

o Streamline Sysvol –remove unused ADM Templates, and reduce overall size of Sysvol

o Step 4 (9-12 Months) Resolve All Low Level Findings

o Upgrade DCs to server 2016

o Review and update DC build and run books



· The timeline is based on two resources

· Cleanup and remove old Certificate Authority Environment

· Deploy a net new Windows 2012 R2 Certificate Authority Services Environment

· Develop a change advisory board for all changes related to Active Directory

· Develop a process in which to manage administrative level accounts

· Develop different Tier Levels of Admin access