In this course, you will learn how to enhance the security of the IT infrastructure that you administer. This course begins by emphasizing the importance of assuming that network breaches have occurred already and then teaches you how to protect administrative credentials and rights to ensure that administrators can perform the precise tasks they need at any time, when they need to.
You will learn how to mitigate malware threats, identify security issues by using auditing and the Advanced Threat Analysis feature in Windows Server 2016, secure your virtualization platform, and use new deployment options (such as Nano server and containers) to enhance security.
This course incorporates material from the Official Microsoft Learning Product 20744, and it can assist you in your preparation for Exam 70-744: Securing Windows Server 2016.
This course is also available in the On-Demand delivery format with digital Microsoft Official Courseware (dMOC). Click here to purchase.
I took Securing Windows Server 2016 to prepare for earning my MCSE: Cloud Platform and Infrastructure certification—which I’ve now successfully achieved! Since taking the course I’ve found opportunities to suggest simpler solutions to increase my team’s productivity. I know I’m making a measureable difference because my peers and boss have commented on my increased contributions and it’s opened new doors for me. I’m currently cross training with another department to assist with upcoming projects.
This is the second course I’ve taken with you guys that helped me achieve a major certification. I can’t thank you guys enough for the exceptional staff and resources.”
Vera W. -
Server Management Team
- Secure Windows Server
- Limit administrator rights with Just Enough Administration.
- Manage privilege access
- Mitigate malware and threats
- Analyze activity with advanced auditing and log analytics.Deploy and configure Advanced Threat Analytics and Microsoft Operations Management Suite.Configure Guarded Fabric virtual machines (VMs).Use the Security Compliance Toolkit (SCT) and containers to improve security.Plan and protect data.
- Optimize and secure file services.Secure network traffic with firewalls and encryption.
- Secure network traffic by using DNSSEC and Message Analyzer.
1. Attacks, Breach Detection, and Sysinternals Tools
- Overview of Breach Detection
- Using the Sysinternals Tools to Detect Breaches
2. Protecting Credentials and Privileged Access
- Understanding User Rights
- Computer and Service Accounts
- Protecting Credentials
- Understanding Privileged-Access Workstations and Jump Servers
- Deploying a Local Administrator-Password Solution
3. Limiting Administrator Rights with Just Enough Administration (JEA)
- Understanding JEA
- Configuring and Deploying JEA
4. Privileged Access Management and Administrative Forest
- Understanding Enhanced Security Administrative Environment (ESAE) Forests
- Overview of Microsoft Identity Manager (MIM)
- Implementing JIT and Privileged Access Management by Using MIM
5. Mitigating Malware and Threats
- Configuring and Managing Windows Defender
- Using Software Restricting Policies (SRPs)
- Configuring and Using Device Guard
- Using and Deploying the Enhanced Mitigation Experience Toolkit (EMET)
6. Analyzing Activity by Using Advanced Auditing and Log Analytics
- Overview of Auditing
- Understanding Advanced Auditing
- Configuring Windows PowerShell Auditing and Logging
7. Deploying and Configuring Advanced Threat Analytics (ATA) and Operations Management Suite (OMS)
- Overview of Advanced Threat Analytics
- Understanding OMS
8. Securing Your Virtualization and Infrastructure
- Overview of Guarded Fabric VMs
- Understanding Shielded and Encryption-Supported VMs
9. Securing Application Development and Server-Workload Infrastructure
- Using Security Compliance Manager
- Introduction to Nano Server
- Understanding Containers
10. Planning and Protecting Data
- Planning and Implementing Encryption
- Planning and Implementing BitLocker
11. Optimizing and Securing File Services
- Introduction to FSRM
- Implementing Classification Management and File-Management Tasks
- Understanding Dynamic Access Control (DAC)
12. Securing Network Traffic with Firewalls and Encryption
- Understanding Windows Firewall with Advanced Security
- Configuring IPsec
- Datacenter Firewall
13. Securing Network Traffic
- Network-Related Security Threats and Connection-Security Rules
- Configuring Advanced DNS Settings
- Examining Network Traffic with Microsoft Message Analyzer
- Securing Server Message Block (SMB) Traffic and Analyzing SMB Traffic
14. Updating Windows Server
- Overview of Windows Server Update Services (WSUS)
- Deploying Updates by Using WSUS
IT professionals who need to administer Windows Server 2016 networks securely and work with networks that are configured as Windows Server domain-based environments with managed access to the Internet and cloud services.