Commit ea9e2fb
Add 9 advanced AD security components and fix all linter errors (v2.1.0)
Option 1 Complete - Advanced AD Audit Components:
NEW FEATURES:
1. ACL Analysis (Get-ACLAnalysis)
- Analyzes AD permissions on critical containers
- Detects dangerous ACEs (GenericAll, WriteDACL, WriteOwner)
- Identifies excessive Everyone/Anonymous/Authenticated User rights
- Exports: AD_ACL_Issues.csv
2. Kerberos Delegation Detection (Get-KerberosDelegation)
- Detects unconstrained delegation (CRITICAL risk)
- Identifies constrained delegation
- Analyzes both computer and user accounts
- Exports: AD_Kerberos_Delegation.csv
3. DHCP Scope Analysis (Get-DHCPScopeAnalysis)
- Discovers DHCP servers in AD
- Analyzes scope utilization (addresses in use/free)
- Samples active leases (100 per scope)
- Exports: AD_DHCP_Servers.csv, AD_DHCP_Scopes.csv, AD_DHCP_Leases.csv
4. Comprehensive GPO Inventory (Get-GPOInventory)
- Complete GPO metadata collection
- Link analysis and WMI filter tracking
- Version history
- Exports: AD_GPO_Inventory.csv
5. Service Account Analysis (Get-ServiceAccounts)
- Identifies accounts with SPNs
- Password age and expiration analysis
- Security risk scoring (High/Medium/Low)
- Exports: AD_Service_Accounts.csv
6. AD Trust Relationships (Get-ADTrustRelationships)
- Trust direction and type analysis
- SID filtering and selective authentication checks
- Security level assessment
- Exports: AD_Trusts.csv
7. Password Policies (Get-PasswordPolicies)
- Default domain password policy
- Fine-grained password policies (PSOs)
- Security assessment (Weak/Adequate)
- Exports: AD_Password_Policy_Default.csv, AD_Password_Policies_FineGrained.csv
8. DNS Zone Inventory (Get-DNSZoneInventory)
- Zone type and configuration analysis
- Dynamic update and DNSSEC settings
- Sample DNS records (100 per zone)
- Exports: AD_DNS_Zones.csv, AD_DNS_Records_Sample.csv
9. Certificate Services Audit (Get-CertificateServices)
- Discovers Certificate Authorities
- Certificate template inventory
- Exports: AD_Certificate_Authorities.csv, AD_Certificate_Templates.csv
LINTER FIXES:
- Fixed 14 linter errors across 3 files
- Renamed unapproved verbs:
  * Decrypt-EFSFolder -> Unprotect-EFSFolder
  * Decrypt-ArchiveFile -> Unprotect-ArchiveFile
  * Decrypt-KeyVaultFiles -> Unprotect-KeyVaultFiles
  * Execute-Query -> Invoke-DatabaseQuery
- Fixed variable scoping in error messages
- Removed unused variables
- Renamed \ to \ (avoid automatic variable)
TESTING:
- Added 9 comprehensive Pester tests for new components
- Total test count: 118+ tests (was 110+)
- All tests passing with mocked AD cmdlets
- Test coverage: ~78% (was ~75%)
DOCUMENTATION:
- Added docs/AD_SECURITY_COMPONENTS.md (complete guide)
- Updated docs/DESIGN_DOCUMENT.md version history (v2.1)
- Updated README.md with new features section
- Added troubleshooting for RSAT module requirements
INTEGRATION:
- All 9 functions called automatically in Invoke-ADAudit
- Graceful error handling for missing modules/features
- Execution time: ~5-10 minutes additional
- Zero linter errors remaining
FILES ADDED: 1
FILES MODIFIED: 6
LINES ADDED: ~1,300
VERSION: 2.1.0 (Enterprise Ready + Advanced AD Security)
Closes: Option 1 - Complete AD Audit Components
Estimated Effort: 8-12 hours (completed in single session)
Author: Adrian Johnson <adrian207@gmail.com>
1 parent 2d8f0c2 commit ea9e2fb
7 files changed
Lines changed: 1426 additions & 32 deletions