windows server 2016 Credential Guard Remote Credential Guard Device Guard
once enabled , it encrypts ntlm hash -- to combat mimikatz
Device Guard is Code Integrity to prevent un-authorized program from running
Device Guard is a combination of enterprise-related hardware and software security features that, when configured together, will lock a device so that it can only run trusted applications.
Credential Guard
Remote Credential
Guard
- source Microsoft
Credential Guard helps
prevent Pass-the-Hash attacks. Windows systems have long used credential
derivatives like NTLM hash or Kerberos tickets so that raw passwords are never
sent over the network; however, these credential derivatives are susceptible to
credential theft attacks such as Pass-the-Hash or Pass-the-tickets. Credential
Guard in Windows Server 2016 and Windows 10 uses virtualization-based security
to isolate secrets so that only privileged system software can access them, and
prevents these credential theft attacks.
once enabled , it encrypts ntlm hash -- to combat mimikatz
Device Guard is Code Integrity to prevent un-authorized program from running
Device Guard is a combination of enterprise-related hardware and software security features that, when configured together, will lock a device so that it can only run trusted applications.
No comments:
Post a Comment