security professional security skill risk: low
Active Directory ESAE Tiered Model Implementation
The prompt provides a structured guide for implementing Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory, including objective…
SKILL 4 files · 2 folders
SKILL.md
--- name: configuring-active-directory-tiered-model description: "Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory." --- # Configuring Active Directory Tiered Model ## Overview Implement Microsoft's Enhanced Security Admin Environment (ESAE) tiered administration model for Active Directory. Covers Tier 0/1/2 separation, privileged access workstations (PAWs), administrative forest design, authentication policy silos, and credential theft mitigation. ## When to Use - When deploying or configuring configuring active directory tiered model capabilities in your environment - When establishing security controls aligned to compliance requirements - When building or improving security architecture for this domain - When conducting security assessments that require this implementation ## Prerequisites - Familiarity with identity access management concepts and tools - Access to a test or lab environment for safe execution - Python 3.8+ with required dependencies installed - Appropriate authorization for any testing activities ## Objectives - Implement comprehensive configuring active directory tiered model capability - Establish automated discovery and monitoring processes - Integrate with enterprise IAM and security tools - Generate compliance-ready documentation and reports - Align with NIST 800-53 access control requirements ## Security Controls | Control | NIST 800-53 | Description | |---------|-------------|-------------| | Account Management | AC-2 | Lifecycle management | | Access Enforcement | AC-3 | Policy-based access control | | Least Privilege | AC-6 | Minimum necessary permissions | | Audit Logging | AU-3 | Authentication and access events | | Identification | IA-2 | User and service identification | ## Verification - [ ] Implementation tested in non-production environment - [ ] Security policies configured and enforced - [ ] Audit logging enabled and forwarding to SIEM - [ ] Documentation and runbooks complete - [ ] Compliance evidence generated
REQUIRED CONTEXT
- test or lab Active Directory environment
- familiarity with IAM concepts
OPTIONAL CONTEXT
- compliance requirements
- existing IAM tools
EXPECTED OUTPUT
- Format
- markdown
- Constraints
- include NIST 800-53 mapping table
- provide verification checklist
SUCCESS CRITERIA
- Implement comprehensive configuring active directory tiered model capability
- Establish automated discovery and monitoring processes
- Integrate with enterprise IAM and security tools
- Generate compliance-ready documentation and reports
- Align with NIST 800-53 access control requirements
CAVEATS
- Dependencies
- Familiarity with identity access management concepts and tools
- Access to a test or lab environment for safe execution
- Python 3.8+ with required dependencies installed
- Appropriate authorization for any testing activities
- Missing context
- Specific output format or final deliverable expected from the implementation.
- How Python 3.8+ is intended to be used for Active Directory configuration.
- Ambiguities
- Duplicate word: 'configuring configuring active directory tiered model capabilities' in When to Use section.
QUALITY
- OVERALL
- 0.58
- CLARITY
- 0.65
- SPECIFICITY
- 0.55
- REUSABILITY
- 0.50
- COMPLETENESS
- 0.60
IMPROVEMENT SUGGESTIONS
- Remove the duplicated word 'configuring' in the When to Use bullet.
- Add an explicit Output Format section describing expected artifacts (e.g., scripts, diagrams, reports).
USAGE
Copy the prompt above and paste it into your AI of choice — Claude, ChatGPT, Gemini, or anywhere else you're working. Replace any placeholder sections with your own context, then ask for the output.