E8 topic 6 - Restrict administrative privileges
In this video we breakdown what “restrict administrative privileges” means by discussing the four main types of accounts, domain admin and domain users vs local admin and local users. We learn about the restrictions standard user accounts have and discuss the “least-privilege” principle. We will also talk about the need to audit users and groups periodically. We then talk about the need to use a decentralised or delegated administration model. We will also hack a workstation using a malicious payload which has various levels of effectiveness depending on the user that executes the program. This is a very complex topic, with many different moving parts but is it important to know these principles so you can make decisions on implementing these security practices in your business.