Securing Windows Server 2016, Part 1 of 5: Overview and Users
Interactive

Securing Windows Server 2016, Part 1 of 5: Overview and Users

LearnNow Online
Updated Aug 23, 2018

Course description

In this course we need to start off by thinking like an attacker and the attack phases. It will begin with a introduction to attacks, breaches and detection. Next, Users and User security with resources, authorization and credentials as well as controlling rights and privileges. It will round out with managing passwords and group managed service accounts.

Each LearnNowOnline training course is made up of Modules (typically an hour in length). Within each module there are Topics (typically 15-30 minutes each) and Subtopics (typically 2-5 minutes each). There is a Post Exam for each Module that must be passed with a score of 70% or higher to successfully and fully complete the course.


Prerequisites

This is Part 1 of the series.


Meet the expert

Patrick Loner

Patrick Loner has certifications for MCSA, MCSE, MCITP, A+, Network+, Security+, and more. He has been working as a Microsoft Certified Trainer, network administrator, and network consultant for over ten years. He has over a decade of experience working with and teaching about Windows networks with client and server operating systems. He has guided many students toward Microsoft and CompTIA certifications. Most recently, he has worked as a freelance trainer and network consultant specializing in Windows Server 2008 and Microsoft Exchange 2007 and Exchange 2010 implementations, design, and upgrades. Patrick continues to branch out now working with and training on Windows Server 2012, Windows 8, Exchange 2013, and System Center Configuration Manager 2012.

Video Runtime

209 Minutes

Time to complete

269 Minutes

Course Outline

Introduction to Security

Understanding Attacks (31:25)

  • Introduction (00:29)
  • Assume Breach (03:16)
  • Methods of Attack (12:45)
  • Attack Stages (07:01)
  • Prioritizing Resources (03:30)
  • Incident Response Strategy (02:11)
  • Ensuring Compliance (02:03)
  • Summary (00:06)

Detecting Security Breaches (06:41)

  • Introduction (00:23)
  • Locating Evidence (01:40)
  • Event Logs (02:35)
  • Examining Other Configurations (01:55)
  • Summary (00:06)

Using Sysinternals Tools (29:39)

  • Introduction (00:23)
  • Introducing Sysinternals (02:32)
  • Demo: Sysinternals (01:35)
  • Introduction to FSRM (00:17)
  • System Monitor (02:05)
  • AccessChk (01:32)
  • Autoruns (01:34)
  • LogonSessions (01:24)
  • Process Explorer (01:37)
  • Process Monitor (01:27)
  • Sigcheck (01:18)
  • Demo: Locating Systinternals (01:48)
  • Demo: LogonSessions (05:34)
  • Demo: Process Explorer (03:10)
  • Demo: Process Monitor (03:11)
  • Summary (00:06)
Rights and Permissions

User Rights and Priveleges (41:58)

  • Introduction (00:19)
  • Principle of Least Privilege (05:05)
  • Configuring User Rights (03:23)
  • Configuring Account Security Options (09:33)
  • Demo: Control Privileges (05:29)
  • Demo: Account Options (02:24)
  • Demo: Active Directory in PowerShell (04:08)
  • Demo: User Properties (04:03)
  • Account Security Controls (02:16)
  • Complexity Options (03:28)
  • Summary (01:46)

Assigning Privileges (49:30)

  • Introduction (00:18)
  • Password and Lockout Policies (03:34)
  • Demo: Password Policies (04:22)
  • Configuring Fine-Grained Password Policies (01:26)
  • Understanding PSO Application (02:55)
  • Protected Users Security Groups (03:23)
  • Delegating Administrative Control (04:12)
  • Demo: Access Control Lists (06:25)
  • Local Administrator Password Solutions (03:23)
  • LAPS Requirements (01:40)
  • LAPS Process (01:13)
  • Configuring and Managing Passwords (03:40)
  • Demo: LAPS (04:23)
  • Demo: LAPS GPO (06:42)
  • Summary (01:46)
Accounts and Access

Computer and Service Accounts (19:03)

  • Introduction (00:11)
  • What Is a Computer Account (01:40)
  • Computer Account Functionality (01:19)
  • Working with Secure Channel Passwords (01:54)
  • Service Account Tyoes (02:05)
  • Group MSAs (03:12)
  • Demo: Configure MSA (04:41)
  • Demo: MSA Continued (03:50)
  • Summary (00:06)

Protecting User Credentials (19:23)

  • Introduction (00:11)
  • Introducing Credential Guard (02:14)
  • Credential Guard Requirements (01:30)
  • Configuring Credential Guard (01:18)
  • Verifying Credential Guard Operation (01:23)
  • Credential Guard Weaknesses (01:19)
  • NTLM Blocking (03:33)
  • Searching AD DS for Problem Accounts (02:05)
  • Demo: Locate Problem Accounts (05:41)
  • Summary (00:06)

Privileged Access (11:42)

  • Introduction (00:33)
  • The Need for Privileged Access Workstations (01:52)
  • Privileged Access Workstations (01:41)
  • Jump Servers (01:09)
  • Securing Domain Controllers (06:19)
  • Summary (00:06)