Active Directory Enumeration is a valuable source of information. An Active Directory Scan will be beneficial to give a detailed listing of all accounts and other important related information from a security point of view. Information gathered is useful to determine both active and inactive users on the domain. This will allow the administrators of the network to conduct end-user entitlement reviews and restrict access where applicable.
Users accounts are a critical path way for intruders to access the internal network once they have breached the perimeter. Malicious attacks can gain access to your corporate network through vulnerabilities on your external hosts, web applications or social engineering.
It is critical to ensure all active directory accounts are accounted for as they may present a gateway to the most critical data. Here is a list why active directory enumeration is an important factor to the security infrastructure:
Network devices, Cloud infrastructure, Web applications, Wireless, Mobile applications and Internet of things devices
Network devices, Cloud, Wireless, Web application, Internet of things devices, Mobile applications, Social engineering, Continuous penetration testing and Active directory enumeration