Course 579:
Windows Server 2012 R2 and Windows 8.1
Security Foundations

(4 days)

 

Course Description

In this advanced hands-on course, students will learn to enhance security on Windows Server 2012 and Windows 8. These products represent the latest operating systems from Microsoft and are designed to provide secure Server and Desktop platforms. Starting with out-of-the-box installations, students will experience different types of vulnerabilities and the technologies necessary to minimize system exposure.

Traditional Windows security topics such as Cryptography, Digital Certificates, Public Key Infrastructure (PKI), Encrypting File System (EFS), Kerberos, Password Control, Group Policies, Service and Application Security, Spyware/Malware, Network Monitoring, IP Security (IPSec), and Virtualization Security will be discussed and practiced.

In addition, new technologies such as User Account Control, BitLocker/BitLocker-to-Go, DirectAccess/Unified Remote Access, Unified Extensible Firmware Interface (UEFI), Secure Booting, Early Launch Anti-Malware (ELAM), Self-Encrypting Disks (SED), DNSSEC Integration, Data Classification, Dynamic Access Control, Expression-Based Authorization Rules, and Group Managed Service Accounts (gMSAs) will be discussed, demonstrated, and utilized.

Who Should Attend

This course will benefit system administrators, network administrators, developers, and managers who need to understand how security affects the Windows platforms on corporate and enterprise networks.

Suggested Prerequisites

  • Experience with Windows Desktop and/or Server Operating System Management
  • Note: It is highly recommended that students complete a foundation course in Windows 2012 before attending this course.

Course Outline

Chapter 1: Security Fundamentals

  • Windows 2012 and Windows 8 Security Overview
  • Areas of Security: OS, Services, Local and Network Applications, Networking Protocols
  • Workshop: How Good Is Security Out-of-the-Box? Testing with Security Tools
  • Authentication: NTLM and Kerberos
  • Cryptography Primer: Symmetric, Asymmetric, and Hashing Algorithms
  • Digital Certificates and Public Key Infrastructure
  • Workshop: Digital Signing and Encryption Workshop

Chapter 2: Operating System Security

  • Operating System Updates: Hotfixes, Service Packs, Optional Updates
  • System Services: Mapping to Executables/Processes/Port Usage
  • Workshop: Removing Non-Essential Services
  • System and Application Logs
  • Application Startup
  • Registry Usage and Security
  • Workshop: Detecting and Removing Unauthorized Programs
  • Secure Booting
  • Leveraging Unified Extensible Firmware Interface (UEFI) in Windows
  • Early Launch Anti-Malware (ELAM)
  • Malware/Spyware
  • Microsoft Windows Anti-Spyware Add-On
  • Workshop: Install and Configure Microsoft Windows Anti-Spyware

Chapter 3: Application and Browser Security

  • Monitoring Application Access
  • User Account Control (UAC)
  • Workshop: Viewing All Files Used by Applications
  • Web Browser (Internet Explorer) Security
  • Active Components Presented through Web Browsers
  • Workshop: Defining and Controlling Web Browser Configuration
  • Virtualization: Good or Bad for Security
  • Securing Virtual Servers and Core-Only Installations of Windows Server
  • Workshop: Analysis of Virtual Server Security and Core Installations

Chapter 4: Network Security

  • Monitoring Your Network
  • Common Port Usage and Application Identification
  • Microsoft Network Monitor (NetMon) and Microsoft Message Analyzer
  • Workshop: Network Monitoring with NetMon and Message Analyzer
  • Windows Firewall
  • Port Filtering on the TCP/IP Stack
  • Enabling IP Security (IPSec)
  • DirectAccess/Unified Remote Access Capabilities
  • Workshop: Configuring IPSec and DirectAccess for Enterprise Usage
  • Implementing Security in DNS Using DNSSEC
  • Enterprise Storage: iSCSI and Network Security

Chapter 5: File and Folder Security

  • Windows File and Folder Permissions
  • Examining Inheritance of Access Control Lists (ACLs)
  • Utilizing DACLs and SACLs Effectively
  • Workshop: Securing the File System
  • BitLocker and BitLocker to Go Configuration
  • Enterprise Configuration of BitLocker for Data Recovery
  • Workshop: Configure BitLocker for Enterprise Usage and Recovery
  • Utilize Self-Encrypting Hard Drives
  • Data Classification and Dynamic Access Control
  • Expression-Based Authorization Rules
  • Workshop: Configure BitLocker for Enterprise Usage and Recovery

Chapter 6: Active Directory Security

  • Windows Active Directory Security
  • Group Managed Service Accounts (gMSAs)
  • Workshop: Raising the Default Security of the Active Directory
  • Securing AD Enabled Applications
  • Workshop: Secure AD Enabled DNS Zones and DHCP Registration

Chapter 7: Putting It All Together

  • Review of Key Concepts
  • Workshop: Security Assessment: Repair a Troubled Infrastructure

Attendees will be presented with a Windows 2012 Server and a Windows 8 Workstation with multiple security issues. Students must successfully repair the problems and minimize security vulnerabilities.

Please Contact Your ROI Representative to Discuss Course Tailoring!