LearnNowOnline

Learn your way! Get started

Securing Windows Server 2016, Part 2 of 5: Administrative Access

with expert Patrick Loner

Watch trailer

Course at a glance

Included in these subscriptions:

  • Dev & IT Pro Video
  • Dev & IT Pro Power Pack
Release date 4/20/2018
Level Intermediate
Runtime 2h 36m
Closed captioning N/A
Transcript N/A
eBooks / courseware N/A
Hands-on labs N/A
Sample code N/A
Exams Included
Enterprise Solutions

Need reporting, custom learning tracks, or SCORM? Learn More

Course description

This course is all about managing administrative access and a new feature JEA or Just Enough Administration--which is a least privilege model. Then it will cover anti-malware and patch management, configuring and managing windows defender, Device Guard and App Locker. Finally it will close out with WSUS and updating central management of patches.

Prerequisites

This is Part 2 of the series.

Learning Paths

This course will help you prepare for the following certification and exam:
MCSA: Windows Server 2016
70-744: Securing Windows Server 2016

This course is part of the following LearnNowOnline SuccessPaths™:
Windows Server 2016

Meet the expert

Patrick Loner has certifications for MCSA, MCSE, MCITP, A+, Network+, Security+, and more. He has been working as a Microsoft Certified Trainer, network administrator, and network consultant for over ten years. He has over a decade of experience working with and teaching about Windows networks with client and server operating systems. He has guided many students toward Microsoft and CompTIA certifications. Most recently, he has worked as a freelance trainer and network consultant specializing in Windows Server 2008 and Microsoft Exchange 2007 and Exchange 2010 implementations, design, and upgrades. Patrick continues to branch out now working with and training on Windows Server 2012, Windows 8, Exchange 2013, and System Center Configuration Manager 2012.

Course outline

Managing Administrative Access

Deploy JEA (31:29)
  • Introduction (00:23)
  • Introduction to JEA (06:01)
  • JEA Components (01:05)
  • Session Configuration Files (03:06)
  • Demo: Session Configuration File (03:17)
  • Role Capability Files (02:32)
  • Demo: Configure JEA (02:34)
  • Demo: DNSops File (04:57)
  • JEA Endpoints (01:12)
  • Demo: JEA Endpoint (02:15)
  • Connecting to JEA Endpoints (01:52)
  • Deploying JEA Endpoints (02:04)
  • Summary (00:06)
Enhanced Security (12:00)
  • Introduction (00:18)
  • ESAE Forests (02:34)
  • Administrative Tiers (01:47)
  • ESAE Best Practices (02:41)
  • The Clean Source Principle (02:08)
  • Implementing the Clean Source Principle (02:23)
  • Summary (00:06)
Identity Manager (07:49)
  • Introduction (00:25)
  • Overview of MIM (02:37)
  • MIM Requirements (01:50)
  • MIM Service Accounts (02:50)
  • Summary (00:06)
IT Admin and PAM (15:58)
  • Introduction (00:32)
  • Overview of JIT Administration (01:32)
  • Privileged Access Management (02:32)
  • PAM Components (02:12)
  • Creating an Administrative Forest (01:26)
  • Configuring Trust Relationships (03:22)
  • Shadow Principals (02:09)
  • Configuring the MIM Web Portal (01:00)
  • Managing and Configuring PAM Roles (01:04)
  • Summary (00:06)

Configuring Anti-Malware and Patch Management

Windows Defender (18:30)
  • Introduction (00:09)
  • Understanding Malware (04:44)
  • Malware Sources (01:41)
  • Mitigation Methods (03:26)
  • Windows Defender (01:40)
  • Demo: Configure Windows Defender (02:27)
  • Demo: Scan with Windows Defender (04:15)
  • Summary (00:06)
Restricting Software (29:44)
  • Introduction (00:14)
  • Controlling Applications (01:41)
  • Software Restriction Policies (02:48)
  • Security Levels (01:16)
  • AppLocker (02:41)
  • AppLocker (03:02)
  • Support for AppLocker (01:57)
  • Creating Default Rules (03:01)
  • Demo: AppLocker (06:06)
  • Demo: Create Rules (05:08)
  • Summary (01:46)
Using Device Guard (11:48)
  • Introduction (00:15)
  • Ovierview of Device Guard (02:06)
  • Device Guard Features (02:11)
  • Configuring Device Guard (01:43)
  • Device Guard Policies (02:28)
  • Deploying Code Integrity Policies (01:33)
  • Control Flow Guard (01:23)
  • Summary (00:06)
Patch Management (29:07)
  • Introduction (00:10)
  • Overview of WSUS (02:26)
  • Deployment Options (02:05)
  • Server Requirements (01:52)
  • Configuring Clients (01:27)
  • Administering WSUS (01:08)
  • Approving Updates (01:47)
  • Demo: Installl WSUS (06:25)
  • Demo: Navigate WSUS (05:24)
  • Demo: WSUS Options (06:14)
  • Summary (00:06)