Virtualnation Pty Ltd | Virtualnation Pty Ltd

Control: ism-1847; Revision: 0; Updated: Mar-23; Applicability: ALL; Essential Eight: N/A

Credentials for the Kerberos Key Distribution Center’s service account (KRBTGT) are changed twice, allowing for replication to all Microsoft Active Directory Domain Services domain controllers in-between each change, if:

the domain has been directly compromised
the domain is suspected of being compromised
they have not been changed in the past 12 months.

Control: ism-1847; Revision: 0; Updated: Mar-23; Applicability: ALL; Essential Eight: N/A ​

Control: ism-1847; Revision: 0; Updated: Mar-23; Applicability: ALL; Essential Eight: N/A