Seminar – Auditing with PowerShell®: Active Directory®
February 8, 2024 @ 8:30 am - February 9, 2024 @ 4:00 pm EST
GWDC Member $400, Non-GWDC Member $800
Auditors performing audits of Windows systems inevitably need to obtain information from Active Directory®, Microsoft’s platform for providing directory services to Windows and other devices. Whether it’s data on user accounts, computer accounts, group membership, or configurations in group policy objects, Active Directory is often a critical data source for Windows system audits.
While Active Directory graphic user interfaces can be used to obtain this information, they are often not efficient to use, and some information isn’t easy to find and download. This often results in administrators needing to provide data or screenshots.
PowerShell® provides a better method of obtaining information from Active Directory. As a Microsoft product, PowerShell has a variety of commands for working with Active Directory. These include commands to obtain data on Active Directory objects, such as users, computers, groups, and group policy objects. Using PowerShell’s scripting capabilities, auditors can develop scripts to efficiently collect data from Active Directory and perform audit tests on this data.
This two-day course will cover the PowerShell commands needed to obtain user, computer, group, and group policy object data from Active Directory. The course will also cover basic audit tests that can be performed using PowerShell on Active Directory objects. Auditors and security professionals who audit Active Directory will benefit from attending this course.
Overview of PowerShell’s Active Directory and Group Policy modules
Walkthrough of commands for:
Walkthrough of commands for Group Policy Objects
Basic scripts with audit tests for Active Directory objects
Exporting data into CSV files
Mike Howard is an experienced IT auditor with over 29 years of IT auditing experience in the Federal Government. Mike is a technical auditor who has audited numerous technologies, including mainframes, Unix environments, Active Directory, databases, Cisco devices, and Windows computers. Mike embraces innovative technologies to accomplish his audits, most notably using PowerShell to write custom scripts. Over the 10+ years that he has been using PowerShell, he’s written over 300 PowerShell scripts.
Mike is also a member of the ISACA Greater Washington D.C. chapter and has served on the board for 17+ years, most of the time as Internet/Communications Director. Mike is currently the Associate Director for Web Development, where he manages the chapter’s website. Mike has also used PowerShell to accomplish tasks related to his Chapter duties, including creating web pages, calculating CPE credits, and updating membership rosters.
Mike has a B.S. in Accounting from Old Dominion University and a Masters in Business Administration from George Mason University.
Virtual Meeting Information
This event will be presented through Zoom. The instructor will send an email with the zoom link prior to the event.
Prior to the event, participants must install the Zoom app on their respective devices. Participants using the web-based Zoom or calling via the phone may not be entitled to CPE credits.
Participants must respond to all the poll questions via the Zoom polling feature or chat log in order to receive NASBA CPE credits.
The ISACA Greater Washington, D.C. Chapter will not be responsible for the participant’s inability to respond to the polls.
If you have CPE questions after the event has concluded, please contact the chapter using the CPE Contact Form.
Cancellation and Refund Policy
Cancellation and refund for advance registrations is allowed if cancellations are submitted through the registration system. Refunds vary depending on the date of cancellation. See ISACA GWDC Event Policies for details.
If ISACA GWDC cancels the event, all registrants will be notified as soon as possible through email at the email address provided during registration. Full refunds will be provided.
The GWDC welcomes your comments, complaints, suggestions, questions, and other feedback concerning our website information and services. All complaints should be submitted through the Registration Contact Form.
Earn up to 14 Continuing Professional Education (CPE) credit in the area of Information Technology. The ISACA® Greater Washington, D.C. Chapter is registered with the National Association of State Boards of Accountancy (NASBA) as a sponsor of continuing professional education on the National Registry of CPE Sponsors. State boards of accountancy have final authority on the acceptance of individual courses for CPE credit. Complaints regarding registered sponsors may be submitted to the National Registry of CPE Sponsors through its website: www.NASBARegistry.org
CPE Distribution and Evaluation Survey
CPEs will be distributed via e-mail along with the event evaluation survey after the completion of the event. Attendees must be present for the full event to receive full CPE credit.
After completing this course, students will have basic skills to use PowerShell to obtain, view, and export data from Active Directory.
Prerequisites: Students should be familiar with using PowerShell and working with Active Directory.
Advance Preparation: The instructor will provide materials during the Zoom.
Program Knowledge Level: Intermediate
Delivery Method: Group Internet Based
Field of Study: Information Technology – Technical