This course teaches IT professionals how they can enhance the security of the IT infrastructure that they administer. This course begins by emphasizing the importance of assuming that network breaches have occurred already, and then teaches you how to proCOURSE OBJECTIVES:
After completing this course, students will be able to:
Secure Windows Server.
Secure application development and a server workload infrastructure.
Manage security baselines.
Configure and manage just enough and just-in-time (JIT) administration.
Manage data security.
Configure Windows Firewall and a software-defined distributed firewall.
Secure network traffic.
Secure your virtualization infrastructure.
Manage malware and threats.
Configure advanced auditing.
Manage software updates.
Manage threats by using Advanced Threat Analytics (ATA) and Microsoft Operations Management Suite (OMS).
Attacks, breach detection, and Sysinternals tools
- Understanding attacks
- Detecting breaches
- Examining activity with the Sysinternals tool
- Lab : Basic breach detection and incident response strategies
Protecting credentials and privileged access
- Understanding user rights
- Computer and service accounts
- Protecting credentials
- Privileged-Access Workstations and jump servers
- Local administrator-password solution
- Lab : Implementing user rights, security options, and group-managed service accounts user rights, security options, and group-managed service accounts
- Lab : Configuring and deploying LAPs
Limiting administrator rights with Just Enough Administration
- Understanding JEA
- Verifying and deploying JEA
- Lab : Limiting administrator privileges by using JEA
Privileged Access Management and administrative forests
- ESAE forests
- Overview of Microsoft Identity Manager
- Overview of JIT administration and PAM
- Lab : Limiting administrator privileges with PAM
Mitigating malware and threats
- Configuring and managing Windows Defender
- Restricting software
- Configuring and using the Device Guard feature
- Deploying and using the EMET
- Lab : Securing applications by using AppLocker, Windows Defender, Device Guard Rules, and the EMET.
Analyzing activity with advanced auditing and log analytics
- Overview of auditing
- Advanced auditing
- Windows PowerShell auditing and logging
- Lab : Configuring advanced auditing
Deploying and configuring Advanced Threat Analytics and Microsoft Operations Management Suite
- Deploying and configuring ATA
- Deploying and configuring Microsoft Operations Management Suite
- Lab : Deploying ATA and Microsoft Operations Management Suite
Secure Virtualization Infrastructure
- Guarded Fabric
- Shielded and encryption-supported virtual machines
- Lab : Guarded Fabric with administrator-trusted attestation and shielded VMs
Securing application development and server-workload infrastructure
- Using Security Compliance Manager
- Introduction to Nano Server
- Understanding containers
- Lab : Using Security Compliance Manager
- Lab: Deploying and Configuring Nano Server
Planning and protecting data
- Planning and implementing encryption
- Planning and implementing BitLocker
- Lab : Protecting data by using encryption and BitLocker
Optimizing and securing file services
- File Server Resource Manager
- Implementing classification management and file-management tasks
- Dynamic Access Control
- Lab : Quotas and file screening
- Lab : Implementing Dynamic Access Control
Securing network traffic with firewalls and encryption
- Understanding network-related security threats
- Understanding Windows Firewall with Advanced Security
- Configuring IPsec
- Datacenter Firewall
- Lab : Configuring Windows Firewall with Advanced Security
Securing network traffic
- Network-related security threats and connection-security rules
- Configuring advanced DNS settings
- Examining network traffic with Microsoft Message Analyzer
- Securing SMB traffic, and analyzing SMB traffic
- Lab : Securing DNS
- Lab : Microsoft Message Analyzer and SMB encryption
Updating Windows Server
- Overview of WSUS
- Deploying updates by using WSUS
- Lab : Implementing update management
This course is for IT professionals who need to administer Windows Server 2016 networks securely. These professionals typically work with networks that are configured as Windows Server domain-based environments, with managed access to the Internet and cloud services.
Students who seek certification in the 70-744 Securing Windows server exam also will benefit from this course.