Write us
  • Español
  • English
  • Instagram
  • Facebook
  • LinkedIn
bright dark
  • Home
  • About Us About Us
    About Us Social Responsability
  • Software Factory Software Factory
    Software Development Web application DevOps
  • Cloud & IT Services Cloud & IT Services
    Cloud IT overview Windows Virtual Desktop
  • Data & AI Data & AI
    Data & AI
  • Resources
    Privacy Statement Products
  • Services
  • Courses
  • Contact Us
  • Godaddy to 365
  • Bright Dark

Securing Windows Server 2016

Participants are familiar with the methods and technologies used to strengthen the server environments and protect virtual machine infrastructures using Protected and encrypted virtual machines and saved tissue.

Securing Windows Server 2016

Description

IT professionals will learn how they can improve the security of the IT infrastructure they manage. This course begins by emphasizing the importance of assuming that network breaches have already occurred, and then teaches you how to protect administrative credentials and rights to help ensure that administrators can perform only the tasks they need, when they need it.

This course explains how you can use auditing and the Advanced Threat Analysis feature in Windows Server 2016 to identify security issues. You will also learn how to mitigate malware threats, protect your virtualization platform, and use deployment options such as Nano server and containers to improve security. The course also explains how you can help protect file access through encryption and dynamic access control, and how you can improve the security of your network.

Minimum 3 participants

Content

  • Understanding attacks
  • Detecting security breaches
  • Examining activity with the Sysinternals tools

Lab : Basic breach detection and incident response strategies

  • Identifying attack types
  • Exploring Sysinternals tools
  • Understanding user rights
  • Computer and service accounts
  • Protecting credentials
  • Privileged Access Workstations and jump servers
  • Local administrator password solution

Lab : Implementing user rights, security options, and group managed service accounts

  • Configuring user rights and account-security options
  • Delegating privileges
  • Creating group Managed Service Accounts
  • Locating problematic accounts

Lab : Configuring and deploying LAPs

  • Installing and configuring LAPs
  • Deploying and testing LAPs
  • Understanding JEA
  • Verifying and deploying JEA

Lab : Limiting administrator privileges with JEA

  • Creating a role-capability file
  • Creating a session-configuration file
  • Creating a JEA endpoint
  • Connecting and testing a JEA endpoint
  • Deploying a JEA configuration to another computer
  • ESAE forests
  • Overview of Microsoft Identity Manager
  • Overview of JIT administration and PAM

Lab : Limiting administrator privileges with PAM

  • Layered approach to security
  • Configuring trust relationships and shadow principals
  • Requesting privileged access
  • Managing PAM roles
  • Configuring and managing Windows Defender
  • Restricting software
  • Configuring and using the Device Guard feature

Lab : Securing applications with Windows Defender, AppLocker, and Device Guard Rules

  • Configuring Windows Defender
  • Configuring AppLocker
  • Configuring Device Guard
  • Overview of auditing
  • Advanced auditing
  • Windows PowerShell auditing and logging

Lab : Configuring advanced auditing

  • Configuring the auditing of file system access
  • Auditing domain sign-ins
  • Managing advanced audit policy configuration
  • Windows PowerShell logging and auditing
  • Deploying and configuring ATA
  • Deploying and configuring Microsoft Operations Management Suite
  • Deploying and configuring Azure Security Center

Lab : Deploying ATA, Microsoft Operations Management Suite, and Azure Security Center

  • Preparing and deploying ATA
  • Preparing and deploying Microsoft Operations Management Suite
  • Deploying and configuring Azure Security Center
  • Guarded fabric
  • Shielded and encryption-supported virtual machines

Lab : Guarded fabric with Admin-trusted attestation and shielded VMs

  • Deploying a guarded fabric with admin-trusted attestation
  • Deploying a shielded VM
  • Using SCT
  • Understanding containers

Lab : Using SCT

  • Configuring a security baseline for Windows Server 2016
  • Deploying the security baseline for Windows Server 2016

Lab : Deploying and configuring containers

  • Deploying and managing a Windows container
  • Planning and implementing encryption
  • Planning and implementing BitLocker
  • Protecting data by using Azure Information Protection

Lab : Protecting data by using encryption and BitLocker

  • Encrypting and recovering access to encrypted files
  • Using BitLocker to protect data
  • File Server Resource Manager
  • Implementing classification and file management tasks
  • Dynamic Access Control

Lab : Quotas and file screening

  • Configuring File Server Resource Manager quotas
  • Configuring file screening and storage reports

Lab : Implementing Dynamic Access Control

  • Preparing for implementing Dynamic Access Control
  • Implementing Dynamic Access Control
  • Validating and remediating Dynamic Access Control
  • Understanding network-related security threats
  • Understanding Windows Firewall with Advanced Security
  • Configuring IPsec
  • Datacenter Firewall

Lab : Configuring Windows Firewall with Advanced Security

  • Creating and testing inbound rules
  • Creating and testing outbound rules
  • Creating and testing connection security rules
  • Configuring advanced DNS settings
  • Examining network traffic with Message Analyzer
  • Securing and analyzing SMB traffic

Lab : Securing DNS

  • Configuring and testing DNSSEC
  • Configuring DNS policies and RRL

Lab : Microsoft Message Analyzer and SMB encryption

  • Installing and using the Message Analyzer
  • Configuring and verifying SMB encryption on SMB shares

done Requirements

  • Completed courses 740, 741, and 742, or the equivalent.
  • A solid, practical understanding of networking fundamentals, including TCP/IP, User Datagram Protocol (UDP), and Domain Name System (DNS).
  • A solid, practical understanding of Active Directory Domain Services (AD DS) principles.
  • A solid, practical understanding of Microsoft Hyper-V virtualization fundamentals.
  • An understanding of Windows Server security principles.

supervisor_account Capacity

10 Students

access_time Length

40 Hours

verified_user Achievements

  • Participation certificate

Book this course

Partner Partner Partner Partner Partner

  • About Us

    • Social Responsability

  • Software Factory

    • Software Development
    • DevOps

  • Cloud & IT Services

    • Cloud IT overview

  • Resources

    • Projects
    • Privacy Statement
    • Products

  • Data & AI

  • Courses

Follow Us

  • Instagram
  • Facebook
  • LinkedIn

Dominican Republic

  • phone (+1) 809 518-2345
  • location_on

    Eugenio Deschamps Street #6, (La Castellana), Santo Domingo 10133, DN, Dominican Republic

  • email ventas@solvex.com.do

United States

  • phone (+1) 954 769 0276
  • location_on

    8333 N.W. 53rd Street Suite 450 Doral FLORIDA 33166 United States of America

  • email contacto@solvex.com.do

Guatemala

  • phone (502) 4172-0060
  • location_on

    Diagonal 6, 10-01 Zona 10, Centro Gerencial Las Margaritas, Oficina 601, Guatemala

  • email ventas@solvex.com.gt
Home

© 2020 Corporación Solvex. Todos los derechos reservados.

Mapa de Sitio | Términos de uso