Securing Windows Server 2016

with expert Patrick Loner


Course at a glance


Release date 4/30/2018
Level
Runtime 13h 18m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included





Course description

This training series focuses on how to secure Windows Server 2016 environments. It covers methods and technologies for hardening server environments and securing virtual machine infrastructures using Shielded and encryption-supported virtual machines and Guarded Fabric. In addition, the series covers the protection of Active Directory and identity infrastructure with the Enhanced Security Administrative Environment (ESAE) Administrative Forest design approach and the management of privileged identities using Just-in-Time (JIT) and Just-Enough-Administration (JEA) approaches, along with Privileged Access Workstations (PAWs) and Local Administrator Password Solution (LAPS). The series also covers threat detection solutions, such as auditing, Advanced Threat Analytics (ATA), and Operations Management Suite (OMS) solutions, as well as workload-specific security, including the use of Nano Server for particular server workloads.

Prerequisites

none

Meet the expert

Patrick Loner holds MCSA, MCSE, MCITP, A+, Network+, Security+, and other certifications. He has been working as a Microsoft Certified Trainer, network administrator, and network consultant for over ten years. He has over a decade of experience working with and teaching about Windows networks with client and server operating systems. He has guided many students toward Microsoft and CompTIA certifications. Most recently, he has worked as a freelance trainer and network consultant specializing in Windows Server 2008 and Microsoft Exchange 2007 and Exchange 2010 implementations, design, and upgrades. Patrick continues to branch out, now working with and training on Windows Server 2012, Windows 8, Exchange 2013, and System Center Configuration Manager 2012.

Course outline



Introduction to Security

Understanding Attacks (31:25)
  • Introduction (00:29)
  • Assume Breach (03:16)
  • Methods of Attack (12:45)
  • Attack Stages (07:01)
  • Prioritizing Resources (03:30)
  • Incident Response Strategy (02:11)
  • Ensuring Compliance (02:03)
  • Summary (00:06)
Detecting Security Breaches (06:41)
  • Introduction (00:23)
  • Locating Evidence (01:40)
  • Event Logs (02:35)
  • Examining Other Configurations (01:55)
  • Summary (00:06)
Using Sysinternals Tools (29:39)
  • Introduction (00:23)
  • Introducing Sysinternals (02:32)
  • Demo: Sysinternals (01:35)
  • Introduction to FSRM (00:17)
  • System Monitor (02:05)
  • AccessChk (01:32)
  • Autoruns (01:34)
  • LogonSessions (01:24)
  • Process Explorer (01:37)
  • Process Monitor (01:27)
  • Sigcheck (01:18)
  • Demo: Locating Sysinternals (01:48)
  • Demo: LogonSessions (05:34)
  • Demo: Process Explorer (03:10)
  • Demo: Process Monitor (03:11)
  • Summary (00:06)

Rights and Permissions

User Rights and Privileges (41:58)
  • Introduction (00:19)
  • Principle of Least Privilege (05:05)
  • Configuring User Rights (03:23)
  • Configuring Account Security Options (09:33)
  • Demo: Control Privileges (05:29)
  • Demo: Account Options (02:24)
  • Demo: Active Directory in PowerShell (04:08)
  • Demo: User Properties (04:03)
  • Account Security Controls (02:16)
  • Complexity Options (03:28)
  • Summary (01:46)
Assigning Privileges (49:30)
  • Introduction (00:18)
  • Password and Lockout Policies (03:34)
  • Demo: Password Policies (04:22)
  • Configuring Fine-Grained Password Policies (01:26)
  • Understanding PSO Application (02:55)
  • Protected Users Security Groups (03:23)
  • Delegating Administrative Control (04:12)
  • Demo: Access Control Lists (06:25)
  • Local Administrator Password Solutions (03:23)
  • LAPS Requirements (01:40)
  • LAPS Process (01:13)
  • Configuring and Managing Passwords (03:40)
  • Demo: LAPS (04:23)
  • Demo: LAPS GPO (06:42)
  • Summary (01:46)

Accounts and Access

Computer and Service Accounts (19:03)
  • Introduction (00:11)
  • What Is a Computer Account (01:40)
  • Computer Account Functionality (01:19)
  • Working with Secure Channel Passwords (01:54)
  • Service Account Types (02:05)
  • Group MSAs (03:12)
  • Demo: Configure MSA (04:41)
  • Demo: MSA Continued (03:50)
  • Summary (00:06)
Protecting User Credentials (19:23)
  • Introduction (00:11)
  • Introducing Credential Guard (02:14)
  • Credential Guard Requirements (01:30)
  • Configuring Credential Guard (01:18)
  • Verifying Credential Guard Operation (01:23)
  • Credential Guard Weaknesses (01:19)
  • NTLM Blocking (03:33)
  • Searching AD DS for Problem Accounts (02:05)
  • Demo: Locate Problem Accounts (05:41)
  • Summary (00:06)
Privileged Access (11:42)
  • Introduction (00:33)
  • The Need for Privileged Access Workstations (01:52)
  • Privileged Access Workstations (01:41)
  • Jump Servers (01:09)
  • Securing Domain Controllers (06:19)
  • Summary (00:06)

Managing Administrative Access

Deploy JEA (31:29)
  • Introduction (00:23)
  • Introduction to JEA (06:01)
  • JEA Components (01:05)
  • Session Configuration Files (03:06)
  • Demo: Session Configuration File (03:17)
  • Role Capability Files (02:32)
  • Demo: Configure JEA (02:34)
  • Demo: DNSops File (04:57)
  • JEA Endpoints (01:12)
  • Demo: JEA Endpoint (02:15)
  • Connecting to JEA Endpoints (01:52)
  • Deploying JEA Endpoints (02:04)
  • Summary (00:06)
Enhanced Security (12:00)
  • Introduction (00:18)
  • ESAE Forests (02:34)
  • Administrative Tiers (01:47)
  • ESAE Best Practices (02:41)
  • The Clean Source Principle (02:08)
  • Implementing the Clean Source Principle (02:23)
  • Summary (00:06)
Identity Manager (07:49)
  • Introduction (00:25)
  • Overview of MIM (02:37)
  • MIM Requirements (01:50)
  • MIM Service Accounts (02:50)
  • Summary (00:06)
IT Admin and PAM (15:58)
  • Introduction (00:32)
  • Overview of JIT Administration (01:32)
  • Privileged Access Management (02:32)
  • PAM Components (02:12)
  • Creating an Administrative Forest (01:26)
  • Configuring Trust Relationships (03:22)
  • Shadow Principals (02:09)
  • Configuring the MIM Web Portal (01:00)
  • Managing and Configuring PAM Roles (01:04)
  • Summary (00:06)

Configuring Anti-Malware and Patch Management

Windows Defender (18:30)
  • Introduction (00:09)
  • Understanding Malware (04:44)
  • Malware Sources (01:41)
  • Mitigation Methods (03:26)
  • Windows Defender (01:40)
  • Demo: Configure Windows Defender (02:27)
  • Demo: Scan with Windows Defender (04:15)
  • Summary (00:06)
Restricting Software (29:44)
  • Introduction (00:14)
  • Controlling Applications (01:41)
  • Software Restriction Policies (02:48)
  • Security Levels (01:16)
  • AppLocker (02:41)
  • AppLocker (03:02)
  • Support for AppLocker (01:57)
  • Creating Default Rules (03:01)
  • Demo: AppLocker (06:06)
  • Demo: Create Rules (05:08)
  • Summary (01:46)
Using Device Guard (11:48)
  • Introduction (00:15)
  • Overview of Device Guard (02:06)
  • Device Guard Features (02:11)
  • Configuring Device Guard (01:43)
  • Device Guard Policies (02:28)
  • Deploying Code Integrity Policies (01:33)
  • Control Flow Guard (01:23)
  • Summary (00:06)
Patch Management (29:07)
  • Introduction (00:10)
  • Overview of WSUS (02:26)
  • Deployment Options (02:05)
  • Server Requirements (01:52)
  • Configuring Clients (01:27)
  • Administering WSUS (01:08)
  • Approving Updates (01:47)
  • Demo: Install WSUS (06:25)
  • Demo: Navigate WSUS (05:24)
  • Demo: WSUS Options (06:14)
  • Summary (00:06)

Auditing Windows Server 2016

Auditing (21:24)
  • Introduction (00:17)
  • Overview of Auditing (01:50)
  • The Purpose of Auditing (01:29)
  • Types of Events (04:49)
  • Auditing Goals (00:56)
  • Auditing File and Object Access (01:52)
  • Demo: Define Audit Policies (05:11)
  • Demo: Event Log Settings (04:51)
  • Summary (00:06)
Advanced Auditing (41:39)
  • Introduction (00:40)
  • Advanced Auditing (01:11)
  • Advanced Auditing Subcategories (02:40)
  • Dynamic Auditing (02:38)
  • Event Log Subscriptions (02:27)
  • Audit Collection Services (02:01)
  • Demo: Event Forwarding (04:45)
  • Demo: Events (02:13)
  • Auditing with Windows PowerShell (01:58)
  • Demo: Auditing with PowerShell (03:49)
  • Demo: Event Logs in PowerShell (04:10)
  • Transaction Logging (02:02)
  • Module Logging (01:06)
  • Script Block Logging (00:50)
  • Demo: Get Logging Modules (03:00)
  • Demo: Logging (05:56)
  • Summary (00:06)

Analytics and Baselines

Advanced Threat Analytics (15:11)
  • Introduction (00:09)
  • Overview of ATA (02:35)
  • Usage Scenarios (05:08)
  • Deployment Requirements (02:14)
  • ATA Gateways (02:02)
  • Port Mirroring (01:17)
  • Configuring ATA Center (01:37)
  • Summary (00:06)
Operations Management (07:06)
  • Introduction (00:07)
  • Introduction to Operations Management Suite (00:54)
  • Deployment Overview (01:39)
  • OMS Solutions (01:33)
  • Installing OMS (01:26)
  • OMS Solutions Continued (01:19)
  • Summary (00:06)
Virtualization Infrastructure (15:14)
  • Introduction (00:29)
  • Introduction to Guarded Fabric (03:16)
  • Host Guardian Service (01:31)
  • Preparing HGS Nodes (01:20)
  • Installing and Configuring HGS (02:10)
  • Attestation and Encryption (01:35)
  • Attestation Methods (01:22)
  • Initializing HGS (01:59)
  • Configuring HGS Clients (01:23)
  • Summary (00:06)
Security Baselines (20:13)
  • Introduction (00:07)
  • Security Compliance Manager (03:33)
  • SCM Requirements (01:21)
  • Demo: Install SCM (03:11)
  • Demo: Import GPOs (04:28)
  • Demo: Configuring a Baseline (03:22)
  • Demo: Deploy a Baseline (04:01)
  • Summary (00:06)
Deploy Nano Server (07:11)
  • Introduction (00:14)
  • Planning for Nano Server (01:06)
  • Understanding Nano Server Roles (00:45)
  • Installing Nano Server Roles (02:06)
  • Nano Server Installation (01:00)
  • Installation Steps (01:52)
  • Summary (00:06)

File Security

File Encryption (28:54)
  • Introduction (00:18)
  • Introducing Encrypting File System (06:36)
  • EFS Features (06:26)
  • Encryption and Decryption (03:47)
  • Recovering EFS Files (02:54)
  • Demo: EFS (03:33)
  • Demo: Encrypting Folders (05:11)
  • Summary (00:06)
BitLocker (32:16)
  • Introduction (00:14)
  • Overview of BitLocker (03:21)
  • BitLocker and TPMs (02:19)
  • BitLocker Requirements (02:00)
  • Tools for Configuring and Managing BitLocker (01:48)
  • Deploying BitLocker (01:39)
  • Demo: Deploying BitLocker (04:59)
  • Demo: Enable BitLocker on Client (05:17)
  • BitLocker on Hyper-V VMs (00:42)
  • BitLocker and CSVs (01:42)
  • Enabling BitLocker for CSV (01:08)
  • Network Unlock (01:56)
  • Network Unlock Process (01:12)
  • BitLocker Recovery (03:00)
  • Microsoft BitLocker Administration and Monitoring (00:45)
  • Summary (00:06)

File Server Resource Manager

File Server Resource Manager (29:34)
  • Introduction (00:18)
  • Capacity Management (02:52)
  • Storage Management (01:14)
  • Introduction to FSRM (01:41)
  • Overview of FSRM (01:14)
  • Installing and Configuring FSRM (01:30)
  • Demo: FSRM (05:52)
  • Quota Management (02:53)
  • Demo: Create Quotas (05:56)
  • Demo: Using Quotas (05:53)
  • Summary (00:06)
File Screens and Reports (28:11)
  • Introduction (00:18)
  • File Screening (02:32)
  • Using File Groups (01:54)
  • Exceptions and Templates (01:55)
  • Demo: File Screens (04:08)
  • Demo: File Screen Properties (05:59)
  • Storage Reports (02:12)
  • Report Tasks (00:47)
  • Demo: Storage Reports (01:32)
  • Demo: Generate Reports (05:18)
  • Automatic File Management (01:25)
  • Summary (00:06)

File Management

Classification and File Management (16:19)
  • Introduction (00:12)
  • File Classification (02:24)
  • Classification Rules (06:20)
  • Demo: Classify Confidential Documents (00:01)
  • Demo: Classification Continued (03:41)
  • File Management Tasks (03:33)
  • Summary (00:06)
Dynamic Access Control (38:57)
  • Introduction (00:12)
  • Overview of Dynamic Access Control (02:43)
  • Dynamic Access Control Scenarios (03:37)
  • DAC Technologies (01:13)
  • Understanding Identity (03:12)
  • Understanding Claims (03:14)
  • Types of Claims (02:18)
  • Central Access Policies (01:27)
  • Policy Components (01:35)
  • DAC Prerequisites (03:07)
  • Demo: Prepare for DAC (04:35)
  • Demo: Create Claim Type (06:23)
  • Demo: DAC (05:10)
  • Summary (00:06)

Firewalls

Windows Firewall (32:55)
  • Introduction (00:13)
  • Types of Firewalls (03:48)
  • Well-Known Ports (02:12)
  • Host-Based Firewall (02:24)
  • Network Profiles (02:16)
  • Configuring the Windows Firewall (04:12)
  • Demo: Configure the Firewall via Control Panel (02:05)
  • Demo: Windows Firewall with Advanced Security (05:13)
  • Demo: Configure the Firewall via PowerShell (05:40)
  • Demo: Configure the Firewall by GPME (04:43)
  • Summary (00:06)
Datacenter Firewall (08:30)
  • Introduction (00:38)
  • Network Controller (02:10)
  • Datacenter Firewall (02:24)
  • Network Security Groups (00:52)
  • Scenarios for Datacenter Firewall (02:18)
  • Summary (00:06)
Utilizing IP Security (30:50)
  • Introduction (00:13)
  • Overview of IP Security (02:07)
  • IPSec Protocols (02:08)
  • IPSec Usage Scenarios (04:09)
  • IPSec Configuration Tools (00:59)
  • Connection Security Rules (00:54)
  • Understanding Rule Types (01:38)
  • Rule Endpoints (01:47)
  • Authentication Settings (02:57)
  • Authentication Methods (02:31)
  • Encryption Settings (01:32)
  • Monitoring Connections (00:56)
  • Demo: Implementing IPSec (04:26)
  • Demo: Protocols (02:41)
  • Summary (01:46)

DNS and Network Traffic

Advanced DNS Settings (41:36)
  • Introduction (00:06)
  • Managing DNS Services (03:35)
  • Optimizing DNS Name Resolution (03:17)
  • The GlobalNames Zone (01:37)
  • Implementing DNS Security (04:44)
  • DNS Security (DNSSEC) (01:44)
  • Implementing DNSSEC (02:44)
  • Demo: DNSSEC (03:55)
  • Demo: Validating Responses (02:58)
  • Introducing DNS Policies (01:46)
  • Implementing DNS Policies (03:11)
  • RRL Feature (03:07)
  • Demo: Configure DNS Policies (06:03)
  • Demo: RRL (02:37)
  • Summary (00:06)
Monitoring Network Traffic (09:04)
  • Introduction (00:05)
  • Microsoft Message Analyzer (02:53)
  • Demo: MMA (05:59)
  • Summary (00:06)
Securing SMB Traffic (07:14)
  • Introduction (00:31)
  • SMB 3.1.1 Protocol Security (02:12)
  • SMB Encryption Requirements (01:34)
  • Encrypting SMB Shares (01:26)
  • Disabling Support for SMB 1.0 (01:23)
  • Summary (00:06)