As a PenTester/RedTeamer/All Around Badass- I have seen a lot of bad security practices by the people designated to actually run the network. I have also worked on the defensive side and experienced some of challenges associated with securing a network. This talk will focus on some of the recurring bad security practices that I (and crowd-sourced others) have witnessed over the years. Walk away at the end of the talk with some common sense security practices/failures that apparently aren’t all that common to some Domain Admins.