Ready to learn?

Windows Infrastructure Security

Windows & AD Misconfigurations Leave You Exposed
→ Learn How to Secure Them

Windows & Active Directory are at the core of IT security—yet misconfigurations make them a prime target for attackers. This course teaches you how to fix these security gaps, prevent breaches, and defend against real-world attack techniques.

Don’t Let Misconfigurations Leave You Exposed—Secure Your Windows Environment Today!

Need to buy through your company? Contact us for an offer!
→ info@horizon-secured.com

$249

enroll now
free trial
instructor bio

Luca Di Laudo

Sistemista

Italy

I would like to thank David for his availability and for the truly well-done course. It gave me the opportunity to acquire solid skills in infrastructure security and the processes behind securing an infrastructure. Thank you, David!

Abhay Bakshi

Head of Cybersecurity & AI

USA

I really enjoyed this course – it provides a deeper dive into Windows System and Infrastructure Security. The instructor does an excellent job of breaking down complex concepts and offering practical insights, all backed by real-world examples. If you’re in IT or Cybersecurity and want to enhance your expertise, this course is worth considering. I recommend it highly.

André Estêvão

Senior System Administrator

Portugal

If you’re on the blue side defending Windows systems, this course will help you a lot, whether you’re a newcomer or a seasoned defender looking for a refresher. It contains a high level overview of several important topics that will help you better defend your systems.

Oleksii Veremeichuk

Pentester

Sweden

The course contains a lot of useful material for administrators of domain Windows systems and for cyber security specialists. Also course provides real examples of a lot of useful information that can be used in everyday tasks.

Strahinja Vidakovic

IT Security Expert

Serbia

It was an interesting and very informative course. I will definitely recommend it to people who are involved in Windows system administration/security and want to improve their knowledge.

Jovan Pejic

Cyber Security Engineer

Serbia

This is a great course that gives a lot of useful information and best practice advices. Instructor has succeded to explain most important aspects of Windows System and Infrastructure Security topics. Thank you David, I found it interesting to take it!
Why This Course?

Most Windows infrastructures have hidden security gaps that attackers love to exploit—often without IT teams realizing it. This course teaches you how to find and fix these misconfigurations before they lead to a breach.

This course gives you the skills to:

  • Identify & fix security misconfigurations before they become breaches
  • Understand real attacker tactics & learn how to detect them
  • Implement structured security models like Tiering & Security Baselines
 
Who Should Take This Course?

This course is NOT for complete beginners. If you already manage Windows or Active Directory, it’s built for you.

  • Windows Administrators & Engineers → Secure your environment & move toward cybersecurity.
  • Cybersecurity Engineers & SOC Analysts → Learn attack techniques, detection, and defense.
  • IT Managers & Security Leads → Ensure your infrastructure follows best security practices.
  • Pentesters & Ethical Hackers → Explore BloodHound, AD attack paths, and real-world vulnerabilities.
 
What You’ll Learn

This course teaches you how to secure Windows environments, defend Active Directory, and detect real-world attacks.

Windows Security

  • Understand Windows OS security boundaries (UAC, ACLs, and privilege management).
  • Protect sensitive data and credentials by securing secrets storage.
  • Harden Windows boot security (Secure Boot, Trusted Boot) and application allowlisting.
  • Improve remote management security and prevent unauthorized access.
  • Configure Windows Firewall & Event Logging for monitoring and incident detection.

Active Directory Security

  • Learn how AD works—hierarchy, trusts, FSMO roles, RODCs, and service accounts.
  • Strengthen authentication security (Kerberos, NTLM, and authentication policies).
  • Secure GPO configurations & AD Certificate Services (AD CS) to prevent misconfigurations.
  • Identify and mitigate AD-specific vulnerabilities (Kerberos delegation, DCSync, misconfigured ACLs).
  • Use BloodHound to analyze attack paths and detect privilege escalation risks.

Infrastructure Protection & Organizational Security

  • Implement Tiering Models & Security Baselines to minimize lateral movement risks.
  • Secure organizational processes like risk assessment, access control, and monitoring.
  • Learn why end-user awareness is critical for preventing security breaches.

💡Bonus: Free resources (guides, tools, learning path), notification service for Zero Days, and more.

 
Course Format & Key Features
  • 16+ hours of structured learning → Deep-dive into Windows & AD security
  • 5+ hours of real-world demonstrations → Watch attacks & defenses in action
  • Certification included → Get proof of your skills
  • Free security tools & resources → Guides, learning paths, AD scanner
  • Zero-Day alert service → Stay informed on critical threats
  • Risk-free enrollment → 14-day money-back guarantee
 
Why Learn With Me?
  • Taught by a Cybersecurity Engineer with 8+ years of experience.
    • The knowledge from this course help me to become a successful Cybersecurity Engineer, Team Leader and Auditor.
    • I started as a Windows Administrator
  • Real-world insights, not just theory.
  • Focused on practical security—fix misconfigurations, detect attackers, and protect infrastructure.


🚀 Ready to Secure Your Windows Environment?

 
Course video samples:

Agenda

Theory

Demo

Course Syllabus

This chapter delves into the Windows Operating System from a cybersecurity perspective. Explore essential topics to bolster your understanding of securing Windows environments.

Basics:

    • Explore different Windows OS editions, including Windows Server Core and Nano.
    • Understand security boundaries such as User Account Control (UAC), Access Control Lists (ACL), and various entities.

System Protection:

    • Discover system security features in Windows OS, such as Secure Boot and Trusted Boot.
    • Learn about application allowlisting and other protective measures.

Secrets Location:

    • Investigate where user, computer, and service secrets are stored.
    • Understand both potential risks (how they can be stolen) and protective strategies.

Remote Access:

    • Learn how to manage Windows operating systems remotely.
    • Explore benefits and considerations for remote management.

Windows Firewall:

    • Gain insights into how Windows Firewall operates.
    • Discover ways to work with it effectively without disabling it entirely.

Windows Event Log:

    • Understand when and how to use Windows Event log.
    • Configure it to obtain relevant information.
    • Explore the extension of Windows event log through Sysmon.

Gain a deep understanding of Active Directory, uncover vulnerabilities, and explore relevant services.

Basics:

    • Understand how Active Directory works and explore its components.
    • Topics include hierarchy, trusts, FSMO roles, RODC (Read-Only Domain Controller), and service accounts.

Authentication:

    • Dive into the background of authentication protocols Kerberos and NTLM.
    • Learn how to configure and enhance their security.
    • Explore authentication policies.

Group Policy Objects (GPO):

    • Master the proper usage of GPOs and understand how they function.

Active Directory Certificate Services (AD CS):

    • Explore asymmetric cryptography within the Windows Infrastructure.
    • Understand the architecture of AD CS and best practices for its administration.

Vulnerabilities:

    • Investigate common vulnerabilities and persistent attack methods in Active Directory.
    • Learn how to search for vulnerabilities and perform security scans.
    • Topics include AD certificate services ESC vulnerabilities, Kerberos delegation, Entrust ID Connect server, misconfigured ACLs, DCSync, hidden accounts, and more.

Attack Paths:

    • Utilize BloodHound to discover escalation paths within Active Directory.
    • Observe how attackers proceed in the attack process.

This chapter explores the integration of technical and organizational security measures to protect Windows infrastructure. It covers essential strategies like the Tiering Model, Security Baselines, and key organizational processes.

Tiering Model:

    • Understand what a tiering model is and why it’s crucial for effective security.
    • Learn how to implement it within your infrastructure.

Security Baselines:

    • Explore the concept of security baselines and their significance.
    • Discover practical steps for implementing security baselines effectively.

Organizational Measures:

    • Recognize that security isn’t just about technical controls—it also involves organizational processes.
    • Dive into process security, covering risk assessment, access control, monitoring, patching, and more.
    • Highlight the critical role of end users (people) in maintaining security.

Let's learn together

contact:

  • Prague, Czech Republic
  • info@horizon-secured.com

find us on:

Linkedin X-twitter
buy a course