Security Assessment: Built-in Active Directory Guest account is enabled
This recommendation indicates whether an AD Guest account is enabled in your environment.
The goal is to ensure that the Guest account of the domain is not enabled.
Organization risk
The on-premises Guest account is a built-in, non-nominative account that allows anonymous access to Active Directory. Enabling this account permits access to the domain without requiring a password, potentially posing a security threat.
Remediation steps
Review the list of exposed entities to discover if there is a Guest account which is enabled.
Take appropriate action on those accounts by disabling the account.
For example:
