Securing Windows Server 2016 by Microsoft

Introduction:

The Microsoft Securing Windows Server 2016 course provides a comprehensive training program aimed at enhancing the security of IT infrastructures. The course starts with the premise that network intrusions are prevalent and emphasizes implementing robust security measures to prevent such occurrences.

Participants will gain expertise in securing Windows Server 2016 through administrative credential configuration, malware and security threat mitigation, advanced auditing, threat analysis, and the application of encryption and Dynamic Access Control (DAC) for data accessibility.

Additionally, the course covers network security, including file access encryption and DAC, with recommendations to bolster network security against unauthorized activities.

Target Audience: IT professionals responsible for maintaining the security of Windows Server 2016 networks, particularly those working in domain-based environments with limited Internet access and cloud platform availability.

Objectives:

Upon completing the Securing Windows Server 2016 training, participants will be able to:

• Apply Windows Server 2016 security best practices.
• Restrict administrator rights using Just Enough Administration (JEA).
• Manage and control privileged access securely.
• Effectively mitigate malware and security threats.
• Analyze activities with advanced auditing and log analytics.
• Deploy and configure Advanced Threat Analytics (ATA) and Microsoft Operations Management Suite (OMS).
• Configure Guarded Fabric VMs to enhance security.
• Utilize the Security Compliance Toolkit (SCT) and containers for security improvements.
• Plan and implement data protection strategies.
• Optimize and secure file services.
• Protect network traffic with firewalls and encryption.
• Secure network traffic using DNSSEC and Message Analyzer.

Training Methodology:

• Instructor-led training sessions
• Group discussions and case studies
• Real-world scenario simulations
• Step-by-step configuration demonstrations
• Interactive Q&A sessions
• Microsoft virtual environments
• Evaluation and feedback sessions

Course Outline:

Unit 1: Attacks, Breach Detection, and Sysinternals Tools

• Reasons for cyber attacks
• Steps for detecting breaches
• Using Sysinternals tools for system event analysis

Unit 2: Protecting Credentials and Privileged Access

• Assessing User Rights
• Understanding Computer and Service Accounts
• Protecting Credentials
• Implementing Privileged Access Workstations and jump servers
• Managing Local Administrator Password Solutions (LAPS)

Unit 3: Limiting Administrator Rights with Just Enough Administration (JEA)

• Understanding JEA concepts
• Authenticating JEA capabilities
• Implementing JEA in practice

Unit 4: Privileged Access Management and Administrative Forest

• Enhanced Security Administrative Environment (ESAE) forests
• Overview of Microsoft Identity Manager (MIM)
• Just In Time (JIT) administration and Privileged Access Management (PAM)

Unit 5: Mitigating Malware and Threats

• Managing Windows Defender
• Implementing Software Restriction Policies
• Using Device Guard

Unit 6: Analyzing Activity with Advanced Auditing and Log Analytics

• Basics of auditing
• Advanced auditing features
• Windows PowerShell for auditing and logging

Unit 7: Deploying and Configuring Advanced Threat Analytics (ATA) and Operations Management Suite (OMS)

• SNA Deployment and ATA configuration
• Incorporating Microsoft Operations Management Suite
• Installing Azure Security Center

Unit 8: Securing Virtualization Infrastructure

• Guarded Fabric concept
• Creating VMs with encryption support

Unit 9: Securing Application Development and Server-Workload Infrastructure

• Using Security Compliance Manager
• Securing applications built with containers

Unit 10: Planning and Protecting Data

• Encryption planning and implementation
• Enabling BitLocker
• Azure Information Protection

Unit 11: Optimizing and Securing File Services

• File Server Resource Manager (FSRM)
• Classifying and managing file tasks
• Access control with DAC

Unit 12: Securing Network Traffic with Firewalls and Encryption

• Understanding network security threats
• Configuring Windows Firewall with Advanced Security
• IPsec configuration and content security
• Benefits of Datacenter Firewall

Unit 13: Securing Network Traffic

• Tuning DNS security level
• Examining network traffic with Microsoft Message Analyzer
• Maintaining server security and evaluating SMB traffic

Conclusion:

The Microsoft Securing Windows Server 2016 course is designed to equip IT specialists with comprehensive knowledge and practical skills to secure and fortify Windows Server 2016 environments against cyber threats.