Securing Windows Server 2016, Part 1 of 5: Overview and Users
Interactive

BizLibrary
Updated Feb 04, 2020

This course starts by thinking like an attacker and looking at the phases of an attack. It begins with an introduction to attacks, breaches and detection. Next, it covers users and user security, including resources, authorization and credentials, as well as controlling rights and privileges. It rounds out with managing passwords and group managed service accounts. This course contains the following lessons:


Lesson 1:

  • Assume Breach
  • Methods of Attack
  • Attack Stages
  • Prioritizing Resources
  • Incident Response Strategy
  • Ensuring Compliance.

Lesson 2:

  • Locating Evidence
  • Event Logs
  • Examining Other Configurations.

Lesson 3:

  • Introducing Sysinternals
  • Demo: Sysinternals
  • Introduction to FSRM
  • System Monitor
  • AccessChk
  • Autoruns
  • Logon Sessions
  • Process Explorer
  • Process Monitor
  • Sigcheck
  • Demo: Locating Sysinternals
  • Demo: Logon Sessions
  • Demo: Process Explorer
  • Demo: Process Monitor.

Lesson 4:

  • Principle of Least Privilege
  • Configuring User Rights
  • Configuring Account Security Options
  • Demo: Control Privileges
  • Demo: Account Options
  • Demo: Active Directory in PowerShell
  • Demo: User Properties
  • Account Security Controls
  • Complexity Options.

Lesson 5:

  • Password and Lockout Policies
  • Demo: Password Policies
  • Configuring Fine-Grained Password Policies
  • Understanding PSO Application
  • Protected Users Security Groups
  • Delegating Administrative Control
  • Demo: Access Control Lists
  • Local Administrator Password Solutions
  • LAPS Requirements
  • LAPS Process
  • Configuring and Managing Passwords
  • Demo: LAPS
  • Demo: LAPS GPO.

Lesson 6:

  • What Is a Computer Account
  • Computer Account Functionality
  • Working with Secure Channel Passwords
  • Service Account Types
  • Group MSAs
  • Demo: Configure MSA
  • Demo: MSA Continued.

Lesson 7:

  • Introducing Credential Guard
  • Credential Guard Requirements
  • Configuring Credential Guard
  • Verifying Credential Guard Operation
  • Credential Guard Weaknesses
  • NTLM Blocking
  • Searching AD DS for Problem Accounts
  • Demo: Locate Problem Accounts.

Lesson 8:

  • The Need for Privileged Access Workstations
  • Privileged Access Workstations
  • Jump Servers
  • Securing Domain Controllers.