-
Book Overview & Buying
-
Table Of Contents
Windows Ransomware Detection and Protection
By :
So far, we have looked at setting up MFA for external services such as VPN, RDP, and VDI services, and lastly, Azure AD-integrated services.
However, when it comes to regular services that are integrated into an Active Directory domain such as file services, print services, or the actual login process from a Windows endpoint to Active Directory, there is no built-in MFA service or mechanism. So, if an attacker manages to compromise an endpoint that is connected to Active Directory, they can use that to access file shares and such without requiring any MFA.
There are some third-party vendors that provide MFA services on top of Windows and Active Directory such as AuthLite. However, the main parts for securing Active Directory are listed as follows: