Active Directory (AD) is one of the most valuable targets for cyberattackers because it handles authentication and authorization across all enterprise resources and touches virtually everything on the network. AD is complicated to secure, and today, red teams estimate that they can compromise it 100% of the time. Once attackers compromise AD, they can use it to escalate their privileges at will, significantly increasing the scope and damage of the attack. There are many ways that cybercriminals can attack AD, and enterprises should be aware of these tactics. Below is a primer of the most common tactics attackers use to help organizations understand their attackers and better prepare their defenses.