Publication date : 06/24/2024
Course : Windows 2016, securing your infrastructure
Practical course - 3d
- 21h00 - Ref. WSI
|
Download in PDF format
Share this course by email
 | Key features of a secure infrastructure |
| Setting up a certificate server |
| Implement Active Directory security |
| Implement NAP with mandatory access controls |
| Implementing IPSec on Windows |
Intended audience
System administrators and engineers.
Prerequisites
Good knowledge of TCP/IP, Windows Server 2016 administration and Active Directory.
Course schedule
1 Operating system security
- Minimum installation option and Core mode.
- Dynamic access control for user accounts.
- Windows 2016 Server advanced firewall.
- Windows login and authentication: NTLM authentication.
- Implementation of update management (WSUS).
- Assessing, identifying and managing safety with MSAT, MBSA and MSCM tools.
Hands-on work
Basic settings and parameters for securing a Windows 2016 server.
2 Certificates and PKI architecture
- PKI basics.
- Certificate and private key management.
- The certificate server role.
- 2-level PKI architecture.
- Certification authority server: certification authority (AD-CS).
Hands-on work
Setting up a certificate server. Basic certificate administration. Securing Web access with HTTPS.
3 Securing Active Directory
- Basic principle of AD security.
- What's new in Active Directory Certificate Services (AD CS).
- RODC (Read-Only Domain Controller): benefits and implementation.
- ACL (access control list) protection.
Hands-on work
Active Directory security. Password granularity. RODC installation and configuration.
4 Data protection
- Reminder of the fundamentals of NTFS and ReFS security.
- Setting up EFS. EFS limits.
- BitLocker: disk encryption and encryption key storage.
Hands-on work
Implementation of EFS. Data recovery with an agent.
5 NAP network access protection
- Configure NAP (Network Access Protection).
- Control of internal and external PCs.
- Configure NAP implementation for VPN.
- NPS servers. RADIUS Infrastructure components.
Hands-on work
Set up NAPs with mandatory access controls. Restrict network access for non-DHCP-compliant machines.
6 VPN and IPSec
- VPNs: the tunneling principle.
- Secure domain access with IPSec.
Hands-on work
Implementing IPSec on Windows. Advanced firewall configuration. RADIUS server setup.
PARTICIPANTS
System administrators and engineers.
PREREQUISITES
Good knowledge of TCP/IP, Windows Server 2016 administration and Active Directory.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.
System administrators and engineers.
PREREQUISITES
Good knowledge of TCP/IP, Windows Server 2016 administration and Active Directory.
TRAINER QUALIFICATIONS
The experts leading the training are specialists in the covered subjects. They have been approved by our instructional teams for both their professional knowledge and their teaching ability, for each course they teach. They have at least five to ten years of experience in their field and hold (or have held) decision-making positions in companies.
ASSESSMENT TERMS
The trainer evaluates each participant’s academic progress throughout the training using multiple choice, scenarios, hands-on work and more.
Participants also complete a placement test before and after the course to measure the skills they’ve developed.
TEACHING AIDS AND TECHNICAL RESOURCES
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
• The main teaching aids and instructional methods used in the training are audiovisual aids, documentation and course material, hands-on application exercises and corrected exercises for practical training courses, case studies and coverage of real cases for training seminars.
• At the end of each course or seminar, ORSYS provides participants with a course evaluation questionnaire that is analysed by our instructional teams.
• A check-in sheet for each half-day of attendance is provided at the end of the training, along with a course completion certificate if the trainee attended the entire session.
TERMS AND DEADLINES
Registration must be completed 24 hours before the start of the training.
ACCESSIBILITY FOR PEOPLE WITH DISABILITIES
Do you need special accessibility accommodations? Contact Mrs. Fosse, Disability Manager, at psh-accueil@orsys.fr to review your request and its feasibility.