Common TTP (Tactics, Techniques and Procedures) to bypass NAC (Network Access Control)

Saturday, July 14, 2018

IntroductionNetwork Access Control (NAC) is used by many organization to enforce access control.In general, NAC enforce many security (or policy) roles, such as authentication, authorization, compliance and remediation.Common endpoint authentication methods include, but not limited to, MAC (Media Access Control) address, custom registry key/s, Active Directory membership and computer digital certificate.Common end user authentication methods include, but not limited to, NTLM (NT LAN Manager) v1/v2, Kerberos and user digital certificate.To enforce compliance on the end points, the NAC may use variety methods include, but not limited to, remote WMI (Windows Management Instrumentation) query (agent less) and installed agent on...
no comments