Course description
In this course we need to start off by thinking like an attacker and the attack phases. It will begin with a introduction to attacks, breaches and detection. Next, Users and User security with resources, authorization and credentials as well as controlling rights and privileges. It will round out with managing passwords and group managed service accounts.
Prerequisites
This is Part 1 of the series.
Learning Paths
This course will help you prepare for the following certification and exam:
MCSA: Windows Server 2016
70-744: Securing Windows Server 2016
This course is part of the following LearnNowOnline SuccessPaths™:
Windows Server 2016
Meet the expert
Patrick Loner has certifications for MCSA, MCSE, MCITP, A+, Network+, Security+, and more. He has been working as a Microsoft Certified Trainer, network administrator, and network consultant for over ten years. He has over a decade of experience working with and teaching about Windows networks with client and server operating systems. He has guided many students toward Microsoft and CompTIA certifications. Most recently, he has worked as a freelance trainer and network consultant specializing in Windows Server 2008 and Microsoft Exchange 2007 and Exchange 2010 implementations, design, and upgrades. Patrick continues to branch out now working with and training on Windows Server 2012, Windows 8, Exchange 2013, and System Center Configuration Manager 2012.
Course outline
Introduction to Security
Understanding Attacks (31:25)
- Introduction (00:29)
- Assume Breach (03:16)
- Methods of Attack (12:45)
- Attack Stages (07:01)
- Prioritizing Resources (03:30)
- Incident Response Strategy (02:11)
- Ensuring Compliance (02:03)
- Summary (00:06)
Detecting Security Breaches (06:41)
- Introduction (00:23)
- Locating Evidence (01:40)
- Event Logs (02:35)
- Examining Other Configurations (01:55)
- Summary (00:06)
Using Sysinternals Tools (29:39)
- Introduction (00:23)
- Introducing Sysinternals (02:32)
- Demo: Sysinternals (01:35)
- Introduction to FSRM (00:17)
- System Monitor (02:05)
- AccessChk (01:32)
- Autoruns (01:34)
- LogonSessions (01:24)
- Process Explorer (01:37)
- Process Monitor (01:27)
- Sigcheck (01:18)
- Demo: Locating Systinternals (01:48)
- Demo: LogonSessions (05:34)
- Demo: Process Explorer (03:10)
- Demo: Process Monitor (03:11)
- Summary (00:06)
Rights and Permissions
User Rights and Priveleges (41:58)
- Introduction (00:19)
- Principle of Least Privilege (05:05)
- Configuring User Rights (03:23)
- Configuring Account Security Options (09:33)
- Demo: Control Privileges (05:29)
- Demo: Account Options (02:24)
- Demo: Active Directory in PowerShell (04:08)
- Demo: User Properties (04:03)
- Account Security Controls (02:16)
- Complexity Options (03:28)
- Summary (01:46)
Assigning Privileges (49:30)
- Introduction (00:18)
- Password and Lockout Policies (03:34)
- Demo: Password Policies (04:22)
- Configuring Fine-Grained Password Policies (01:26)
- Understanding PSO Application (02:55)
- Protected Users Security Groups (03:23)
- Delegating Administrative Control (04:12)
- Demo: Access Control Lists (06:25)
- Local Administrator Password Solutions (03:23)
- LAPS Requirements (01:40)
- LAPS Process (01:13)
- Configuring and Managing Passwords (03:40)
- Demo: LAPS (04:23)
- Demo: LAPS GPO (06:42)
- Summary (01:46)
Accounts and Access
Computer and Service Accounts (19:03)
- Introduction (00:11)
- What Is a Computer Account (01:40)
- Computer Account Functionality (01:19)
- Working with Secure Channel Passwords (01:54)
- Service Account Tyoes (02:05)
- Group MSAs (03:12)
- Demo: Configure MSA (04:41)
- Demo: MSA Continued (03:50)
- Summary (00:06)
Protecting User Credentials (19:23)
- Introduction (00:11)
- Introducing Credential Guard (02:14)
- Credential Guard Requirements (01:30)
- Configuring Credential Guard (01:18)
- Verifying Credential Guard Operation (01:23)
- Credential Guard Weaknesses (01:19)
- NTLM Blocking (03:33)
- Searching AD DS for Problem Accounts (02:05)
- Demo: Locate Problem Accounts (05:41)
- Summary (00:06)
Privileged Access (11:42)
- Introduction (00:33)
- The Need for Privileged Access Workstations (01:52)
- Privileged Access Workstations (01:41)
- Jump Servers (01:09)
- Securing Domain Controllers (06:19)
- Summary (00:06)