Data Communication and Network

Active Directory (AD) is a directory service created by Microsoft that stores information about a computer network's users and resources to allow centralized management of user accounts, network access, and security. AD implements a hierarchical structure to organize objects and replication to provide redundancy. It provides authentication, authorization, and other network services. Testing of AD involves checking connectivity, essential services, client configuration, resource records, and the root zone. Workstations can join a domain managed by AD by configuring their TCP/IP settings and providing domain credentials during startup. User accounts within the domain allow services to run with limited privileges while still accessing domain resources. Unsecured file transfers like FTP are vulnerable to spoofing, sniffing, man-in-the-middle

Uploaded by

rise empire

Introduction:

A directory is a hierarchical structure in which information about network objects is stored. The
directory is, in general, a long list of objects. A telephone book is a type of directory that
includes information about individuals, businesses, and the government. Phone books are
typically used to record names, phone numbers, and addresses.
Active Directory (AD) is a Microsoft technology that is used to manage networks and other
devices. Active Directory is a type of directory service. It is a key feature of Windows
Server's local and Internet operating systems.

Literature Review:
A directory service is designed to give users access to a tree of objects. However, AD is more
than just a locator. It supports all network activities for organizations that manage them
centrally. A network directory service performs the following functions:
• Provides information about user objects, computers, and network services.
• Saves this information in a secure database with the help of directory management and
search tools.
• Allows the company to manage user accounts and resources while also consistently
implementing policies.

Implementation and Design:


Active Directory offers multiple services under the "Active Directory Domain Services"
(AD DS) umbrella. These services include:
• Domain Services - Store centralized information and manage user and domain
communication, including login authentication and search functionality.
• Certificate Services - Generate, administer and share certificates. A certificate uses
encryption so that a user can securely share information with a public key over the Internet.
• Lightweight Directory Services - Support directory-enabled applications that use the open
LDAP protocol.
• Directory Federation Services - Provide single sign-on (SSO) to authorize a user in a
single session across several web applications.
• Rights Management Services - Control rights to information and its management. AD RMS
encrypts content on a server, such as email or Word documents, to restrict access.

Conclusion:
Active Directory benefits:
• Hierarchical structure of organization.
• Multimaster authentication and multimaster replication (capability to use multiple AD DS
to access and amend management points).
• A single point of network access.
• Capability to establish trust relationships with external networks that run previous Active
Directory and Unix versions.

Functioning of Active Directory Controller:
To perform the Domain Controller test on your local system, run the DCDiag utility without any
argument.

If you want to check the health of a remote domain controller, run the DCDiag utility by
specifying your remote domain controller name, administrator username and password.
You can also test your DNS using the /test:dns switch.

Testing to show accurate functioning of DNS:


The basic DNS test checks the following aspects of DNS functionality:
• Connectivity: The test determines whether domain controllers are registered in DNS, can be
contacted by the ping command, and have Lightweight Directory Access Protocol / remote
procedure call (LDAP/RPC) connectivity. If the connectivity test fails on a domain controller, no
other tests are run against that domain controller. The connectivity test is performed
automatically before any other DNS test is run.
• Essential services: The test confirms that the following services are running and available on the
tested domain controller: DNS Client service, Net Logon service, Key Distribution Center
(KDC) service, and DNS Server service (if DNS is installed on the domain controller).
• DNS client configuration: The test confirms that DNS servers on all network adapters of the
DNS client computer are reachable.
• Resource record registrations: The test confirms that the host (A) resource record of each
domain controller is registered on at least one of the DNS servers that is configured on the client
computer.
• Zone and start of authority (SOA): If the domain controller is running the DNS Server service,
the test confirms that the Active Directory domain zone and start of authority (SOA) resource
record for the Active Directory domain zone are present.
• Root zone: Checks whether the root (.) zone is present.
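
The DCDiag runs and the basic DNS test described above, as an added example that is not part of the original document. The server name DC01 is a placeholder, the helper name Get-DcDiagResult is hypothetical, and the parsing assumes DCDiag's English "passed test" / "failed test" summary lines.

```powershell
# Added example: run DCDiag locally, against a remote DC and for DNS,
# then list only the tests that failed. DC01 is a placeholder name.

function Get-DcDiagResult {
    param([string[]]$DcDiagArgs = @())

    # dcdiag.exe is installed with the AD DS role or the RSAT tools.
    $output = & dcdiag.exe @DcDiagArgs 2>&1 | ForEach-Object { "$_" }

    # Summary lines look like "......... DC01 passed test Connectivity"
    # (assumption: English-language output).
    foreach ($line in $output) {
        if ($line -match '\.+\s+(?<Target>\S+)\s+(?<Result>passed|failed)\s+test\s+(?<Test>\S+)') {
            [pscustomobject]@{
                Target = $Matches.Target
                Test   = $Matches.Test
                Passed = ($Matches.Result -eq 'passed')
            }
        }
    }
}

# 1. Local domain controller: no arguments.
$local = Get-DcDiagResult

# 2. Remote domain controller, using the current logon session.
#    /u:<Domain>\<User> and /p:* (prompt for the password) supply alternate
#    credentials; prompting keeps the password off the command line.
$remote = Get-DcDiagResult -DcDiagArgs '/s:DC01'

# 3. DNS only. /DnsBasic selects the basic checks: connectivity, essential
#    services, client configuration, record registrations, zone/SOA, root zone.
$dns = Get-DcDiagResult -DcDiagArgs '/s:DC01', '/test:dns', '/DnsBasic'

$failed = @($local) + @($remote) + @($dns) | Where-Object { -not $_.Passed }
if ($failed) {
    $failed | Sort-Object Target, Test | Format-Table -AutoSize
} else {
    'All DCDiag tests passed.'
}
```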

Joining of Workstation1 and Workstation2 to a Domain for Domain Controlling:
• Open Network Connections by pressing Windows key + X and clicking Network
Connections.
• Select LAN0, right-click it, then click Properties.
• Select Internet Protocol Version 4 (TCP/IPv4) and click Properties.
• Provide the correct IP address and subnet mask for this machine. Provide the IP address of
the domain controller's DNS server in the Preferred DNS server text field. When done, click OK.
• Open the command prompt and ping your domain. Make sure that there is 0% packet loss
and the domain is resolved successfully.
• Right-click This PC, scroll to Properties and click it.
• Click Change settings.
• Provide the domain name in the domain text field and click OK.
• You will be prompted to provide the credentials of an account that has permission to join a
client machine to this domain.
• Restart your machine so that the changes can take effect. Click OK.
• Once your machine has rebooted, click Other User. Type your domain user credentials and
press the Enter key to log on. Note that the domain name is stated under the username and
password text boxes. If your local machine name is shown and not your domain name, type the
user name in this format: domain\username.
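
The same join procedure scripted, as an added example that is not part of the original document. The domain name example.local and the 192.0.2.x addresses are constructed placeholders; LAN0 is the adapter name used in the steps above. The SRV lookup is an extra pre-check that the steps do not include.

```powershell
# Added example: scripted equivalent of the GUI steps. Run in an elevated session.
# Constructed placeholders: example.local, 192.0.2.20/24, 192.0.2.10.
$Domain  = 'example.local'
$Adapter = 'LAN0'          # adapter name from the steps above
$HostIp  = '192.0.2.20'    # this workstation (assumes no static address is set yet)
$DcDnsIp = '192.0.2.10'    # DNS server on the domain controller

# TCP/IPv4 properties: IP address, subnet mask (/24) and preferred DNS server.
New-NetIPAddress -InterfaceAlias $Adapter -IPAddress $HostIp -PrefixLength 24 | Out-Null
Set-DnsClientServerAddress -InterfaceAlias $Adapter -ServerAddresses $DcDnsIp

# "Ping your domain": the name must resolve and answer without packet loss.
Resolve-DnsName -Name $Domain -Type A -ErrorAction Stop | Out-Null
if (-not (Test-Connection -ComputerName $Domain -Count 4 -Quiet)) {
    throw "Cannot reach $Domain; check the IP settings on $Adapter."
}

# Extra pre-check: clients locate domain controllers through this SRV record,
# so a join against a DNS server that lacks it will fail.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$Domain" -Type SRV -ErrorAction Stop
$srv | Where-Object Type -eq 'SRV' | Select-Object NameTarget, Port | Format-Table

# Prompt for an account that is allowed to join computers to the domain;
# the password is never written into the script.
$cred = Get-Credential -Message "Account with permission to join $Domain"

# Join the domain and restart so the change takes effect.
Add-Computer -DomainName $Domain -Credential $cred -Restart
```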
Creation of 2 User accounts for Domain Logon management:
The advantage of using a domain user account is that the service's actions are limited by the
access rights and privileges associated with the account. Unlike a Local System service, bugs in
a user-account service cannot damage the system. If the service is compromised by a security
attack, the damage is isolated to the operations that the system allows the user account to
perform. At the same time, clients running at varying privilege levels can connect to the service,
which enables the service to impersonate a client to perform sensitive operations.
A service's user account should not be a member of any administrators groups, whether local,
domain, or enterprise. If your service needs local administrative privileges, run it under the Local
System account. For operations that require domain administrative privileges, perform them by
impersonating the security context of a client application.
A service instance that uses a domain user account requires periodic administrative action to
maintain the account password. The service control manager (SCM) on the host computer of a
service instance caches the account password for use in logging on the service. When you change
the account password, you must also update the cached password on the host computer where the
service is installed. For more information and a code example, see Changing the Password on a
Service's User Account.
You could avoid the regular maintenance by leaving the password unchanged, but that would
increase the likelihood of a password attack on the service account. Be aware that even though
the SCM stores the password in a secure portion of the registry, it is nevertheless subject to
attack.
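
One way to check the rule above on a host, as an added example that is not part of the original document: it lists the services that log on with a user account and flags any whose account is a direct member of the local Administrators group. It assumes the LocalAccounts module (Windows 10 / Server 2016 or later) and does not resolve nested or domain-level group membership.

```powershell
# Added example: audit service logon accounts against the local Administrators
# group. Run in an elevated session on the host where the services are installed.

# Built-in service identities that are not user accounts.
$builtIn = '^(LocalSystem|NT AUTHORITY\\|NT SERVICE\\)'

# Resolve the Administrators group by its well-known SID (S-1-5-32-544) so the
# check also works on systems where the group name is localized.
# Only direct members are returned; membership through a nested group
# (for example Domain Admins) is not expanded here.
$admins = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    ForEach-Object { $_.Name.ToLower() }

Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.StartName -and $_.StartName -notmatch $builtIn } |
    ForEach-Object {
        # StartName is usually DOMAIN\user or .\user; expand ".\" to the host
        # name so it compares against the group listing. Accounts stored as
        # user@domain are reported but will not match.
        $account = $_.StartName -replace '^\.\\', "$env:COMPUTERNAME\"
        [pscustomobject]@{
            Service      = $_.Name
            Account      = $account
            State        = $_.State
            IsLocalAdmin = $admins -contains $account.ToLower()
        }
    } |
    Sort-Object IsLocalAdmin -Descending |
    Format-Table -AutoSize
```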

Testing a typical scenario involving 2 Workstations transferring a video file using an unsecured
FTP connection where TCP three-way handshake is susceptible to vulnerability:

TCP three-way handshake: SYN, SYN-ACK, ACK

Possible attack scenarios when a video file is shared between two devices over an unsecured network:

• Denial of service: An attacker can launch a denial-of-service flooding attack to exploit this
vulnerability.
• IP header modification: By modifying the IP header, an attacker can launch an IP spoofing attack.
• DNS protocol vulnerability: Attackers modify the legitimate DNS record so that it resolves
to an incorrect IP address.
• DNS cache poisoning: An attacker may poison the cache by forging a response to a recursive DNS
query sent by a resolver to an authoritative server.
• Sniffer attack: Using a sniffer application, an attacker can capture the network packets and
then compromise the network.
• Man-in-the-middle attack: An attacker intrudes into an existing communication between
two computers and then monitors, captures and controls the network traffic.
