The following table describes the vulnerabilities identified in the pre-defined Active Directory Discovery for Reconnaissance.
Vulnerability Template | Vulnerability | Risk | What to find |
---|---|---|---|
Domain Functional level |
Name: Domain with obsolete domain functional level Default scope: N/A |
Active Directory domains configured for a legacy functional level (Windows Server 2012 or earlier) lack the most recent security feature to secure the environment. Remediation: Raise the functional level of a domain to upgrade the features that are available within the domain. The domain controller is required to run on the Windows Server version that is compatible with the functional level. Note: If you have multiple domain controllers, make sure the oldest Windows Server version used is compatible with the functional level. |
Domain functional level Windows Server 2012 or earlier |