Become an Expert in Windows Infrastructure Security with Certification!
Ready to dive into the world of cybersecurity within Windows environments? Look no further! Our Windows Infrastructure Security course offers in-depth insights into Windows Operating Systems and Active Directory, all from a cybersecurity perspective.
Key Highlights:
- Course Duration: Over 16 hours of content
- Pre-recorded Demonstrations: Almost 5 hours of practical examples
- Certification Included: Upon successful completion, receive a certificate recognizing your expertise.
- Main Chapters:
  - Windows Security: Learn essential security practices for Windows systems.
  - Active Directory Security: Explore strategies to protect Active Directory.
  - Tiering Model: Understand how to organize security layers effectively.
  - Security Baselines: Implement best practices for secure configurations.
  - Organizational Measures: Discover how to safeguard your organization.
Ready to enhance your expertise? Check out the detailed syllabus and video samples below!
Who Is This Course For?
This course caters to a diverse audience, including:
- Cybersecurity Enthusiasts: If you’re intrigued by the world of cybersecurity, this course is perfect for you.
- Career Advancers: Whether you’re looking to boost your career or transition into cybersecurity, we’ve got you covered.
- Specific Roles:
  - Helpdesk Operators: Advance your career by transitioning into cybersecurity.
  - Windows Administrators: Enhance your skills in securing Windows environments.
  - Active Directory Specialists: Dive deep into AD security practices.
  - System Engineers: Learn how to protect critical infrastructure.
  - Cybersecurity Experts and Architects: Strengthen your expertise in safeguarding organizations.
- IT Managers and Companies: Utilize our courses for onboarding programs and validating administrators’ skills.
Course video samples: Agenda, Theory, Demo
Course Syllabus
Windows Security
This chapter delves into the Windows Operating System from a cybersecurity perspective. Explore essential topics to bolster your understanding of securing Windows environments.
Basics:
- Explore different Windows OS editions, including Windows Server Core and Nano.
- Understand security boundaries such as User Account Control (UAC), Access Control Lists (ACL), and various entities.
System Protection:
- Discover system security features in Windows OS, such as Secure Boot and Trusted Boot.
- Learn about application allowlisting and other protective measures.
Secrets Location:
- Investigate where user, computer, and service secrets are stored.
- Understand both potential risks (how they can be stolen) and protective strategies.
Remote Access:
- Learn how to manage Windows operating systems remotely.
- Explore benefits and considerations for remote management.
Windows Firewall:
- Gain insights into how Windows Firewall operates.
- Discover ways to work with it effectively without disabling it entirely.
Windows Event Log:
- Understand when and how to use the Windows Event Log.
- Configure it to obtain relevant information.
- Explore extending the Windows Event Log with Sysmon.
Active Directory Security
Gain a deep understanding of Active Directory, uncover vulnerabilities, and explore relevant services.
Basics:
- Understand how Active Directory works and explore its components.
- Topics include hierarchy, trusts, FSMO roles, RODC (Read-Only Domain Controller), and service accounts.
Authentication:
- Dive into the background of authentication protocols Kerberos and NTLM.
- Learn how to configure and enhance their security.
- Explore authentication policies.
Group Policy Objects (GPO):
- Master the proper usage of GPOs and understand how they function.
Active Directory Certificate Services (AD CS):
- Explore asymmetric cryptography within the Windows Infrastructure.
- Understand the architecture of AD CS and best practices for its administration.
Vulnerabilities:
- Investigate common vulnerabilities and persistent attack methods in Active Directory.
- Learn how to search for vulnerabilities and perform security scans.
- Topics include AD certificate services ESC vulnerabilities, Kerberos delegation, Entrust ID Connect server, misconfigured ACLs, DCSync, hidden accounts, and more.
Attack Paths:
- Utilize BloodHound to discover escalation paths within Active Directory.
- Observe how attackers proceed in the attack process.
Tiering Model
- Understand what a tiering model is and why it’s crucial for effective security.
- Learn how to implement it within your infrastructure.
Security Baselines
- Explore the concept of security baselines and their significance.
- Discover practical steps for implementing security baselines effectively.
Organizational Measures
- Recognize that security isn’t just about technical controls; it also involves organizational processes.
- Dive into process security, covering risk assessment, access control, monitoring, patching, and more.
- Highlight the critical role of end users (people) in maintaining security.