MITIGATIONS

1) User Awareness Training

2) Limit the exposure of AD services and applications online. (NTLM and LDAP authentication)

3) Enforce Network Access Control ( NAC ) Prevent rogue devices on the network.

4) Enforce SMB Signing ( Fully negate SMB Relay attacks )

5) Least Privilege Principle