agent security skill risk: medium

LDAP Security Hardening Configuration Guide

The prompt provides an overview, prerequisites, objectives, NIST-aligned security controls table, and verification checklist for hardening LDAP directory services against attacks i…

SKILL 4 files · 2 folders

SKILL.md

Download

---
name: configuring-ldap-security-hardening
description: "Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous"
---
# Configuring LDAP Security Hardening

## Overview
Harden LDAP directory services against common attacks including credential harvesting, LDAP injection, anonymous binding, and channel binding bypass. Covers LDAPS enforcement, channel binding, LDAP signing, access control lists, and monitoring for LDAP-based attacks.


## When to Use

- When deploying or configuring configuring ldap security hardening capabilities in your environment
- When establishing security controls aligned to compliance requirements
- When building or improving security architecture for this domain
- When conducting security assessments that require this implementation

## Prerequisites

- Familiarity with identity access management concepts and tools
- Access to a test or lab environment for safe execution
- Python 3.8+ with required dependencies installed
- Appropriate authorization for any testing activities

## Objectives
- Implement comprehensive configuring ldap security hardening capability
- Establish automated discovery and monitoring processes
- Integrate with enterprise IAM and security tools
- Generate compliance-ready documentation and reports
- Align with NIST 800-53 access control requirements

## Security Controls
| Control | NIST 800-53 | Description |
|---------|-------------|-------------|
| Account Management | AC-2 | Lifecycle management |
| Access Enforcement | AC-3 | Policy-based access control |
| Least Privilege | AC-6 | Minimum necessary permissions |
| Audit Logging | AU-3 | Authentication and access events |
| Identification | IA-2 | User and service identification |

## Verification
- [ ] Implementation tested in non-production environment
- [ ] Security policies configured and enforced
- [ ] Audit logging enabled and forwarding to SIEM
- [ ] Documentation and runbooks complete
- [ ] Compliance evidence generated

REQUIRED CONTEXT

LDAP environment access
IAM familiarity

OPTIONAL CONTEXT

compliance requirements
lab environment

EXPECTED OUTPUT

Format

markdown

Constraints

include overview, when-to-use, prerequisites, objectives, security controls table, verification checklist

SUCCESS CRITERIA

Implement comprehensive configuring ldap security hardening capability
Establish automated discovery and monitoring processes
Integrate with enterprise IAM and security tools
Generate compliance-ready documentation and reports
Align with NIST 800-53 access control requirements

CAVEATS

Dependencies

Familiarity with identity access management concepts and tools
Access to a test or lab environment for safe execution
Python 3.8+ with required dependencies installed
Appropriate authorization for any testing activities

Ambiguities

The phrase 'configuring configuring ldap security hardening' contains an apparent duplication.
Does not specify desired output length or format for generated content.

QUALITY

OVERALL: 0.62
CLARITY: 0.65
SPECIFICITY: 0.70
REUSABILITY: 0.55
COMPLETENESS: 0.60

IMPROVEMENT SUGGESTIONS

Remove duplicated wording in the 'When to Use' section.
Add explicit instructions on the expected output format (e.g., step-by-step configuration commands or scripts).

USAGE

Copy the prompt above and paste it into your AI of choice — Claude, ChatGPT, Gemini, or anywhere else you're working. Replace any placeholder sections with your own context, then ask for the output.