Files
Anthropic-Cybersecurity-Skills/skills/configuring-active-directory-tiered-model/SKILL.md
T

1.7 KiB

name, description, domain, subdomain, tags, version, author, license
name description domain subdomain tags version author license
configuring-active-directory-tiered-model Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative f cybersecurity identity-access-management
iam
identity
access-control
active-directory
tiered-model
paw
esae
1.0 mahipal MIT

Configuring Active Directory Tiered Model

Overview

Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative forest design, authentication policy silos, and credential theft mitigation.

Objectives

  • Implement comprehensive configuring active directory tiered model capability
  • Establish automated discovery and monitoring processes
  • Integrate with enterprise IAM and security tools
  • Generate compliance-ready documentation and reports
  • Align with NIST 800-53 access control requirements

Security Controls

Control NIST 800-53 Description
Account Management AC-2 Lifecycle management
Access Enforcement AC-3 Policy-based access control
Least Privilege AC-6 Minimum necessary permissions
Audit Logging AU-3 Authentication and access events
Identification IA-2 User and service identification

Verification

  • Implementation tested in non-production environment
  • Security policies configured and enforced
  • Audit logging enabled and forwarding to SIEM
  • Documentation and runbooks complete
  • Compliance evidence generated