Domain Persistence: Detection, Triage, and Recovery

The session covers techniques used by adversaries to gain and sustain access within a domain, including credential dumping, Active Directory configuration syncing, Kerberos protocol manipulation, and certificate abuse. The presenters also discuss effective recovery strategies in the event that any of these techniques are discovered in the environment.
