
Securing Windows Server 2016: Official Microsoft Learning Product

This document provides an overview of the contents and modules in an official Microsoft learning product about securing Windows Server 2016. The document outlines 12 modules that cover topics such as attacks and breach detection, protecting credentials and privileged access, limiting administrator rights, and securing applications, data, network traffic, and virtual infrastructure. Each module contains lessons and labs to help users learn about and implement security strategies in Windows Server 2016.

Uploaded by MA Maalej
Copyright: © All Rights Reserved

OFFICIAL MICROSOFT LEARNING PRODUCT

20744C
Securing Windows Server 2016

Contents
Module 1: Attacks, breach detection, and Sysinternals tools
Module Overview 1-1
Lesson 1: Understanding attacks 1-2

Lesson 2: Detecting security breaches 1-8

Lesson 3: Examining activity with the Sysinternals tools 1-11


Lab: Basic breach detection and incident response strategies 1-19

Module Review and Takeaways 1-24

Module 2: Protecting credentials and privileged access


Module Overview 2-1
Lesson 1: Understanding user rights 2-2

Lesson 2: Computer and service accounts 2-12

Lesson 3: Protecting credentials 2-16

Lab A: Implementing user rights, security options, and group managed service accounts 2-21

Lesson 4: Privileged Access Workstations and jump servers 2-26

Lesson 5: Local administrator password solution 2-30

Lab B: Configuring and deploying LAPS 2-34

Module Review and Takeaways 2-37

Module 3: Limiting administrator rights with Just Enough Administration


Module Overview 3-1

Lesson 1: Understanding JEA 3-2

Lesson 2: Verifying and deploying JEA 3-9

Lab: Limiting administrator privileges with JEA 3-12

Module Review and Takeaways 3-18

Module 4: Privileged access management and administrative forests


Module Overview 4-1

Lesson 1: ESAE forests 4-2

Lesson 2: Overview of Microsoft Identity Manager 4-5

Lesson 3: Overview of JIT administration and PAM 4-9

Lab: Limiting administrator privileges with PAM 4-17

Module Review and Takeaways 4-25



Module 5: Mitigating malware and threats


Module Overview 5-1

Lesson 1: Configuring and managing Windows Defender 5-2


Lesson 2: Restricting software 5-11

Lesson 3: Configuring and using the Windows Defender Device Guard feature 5-15

Lab: Securing applications with Windows Defender, AppLocker, and Windows Defender Device Guard Rules 5-22

Module Review and Takeaways 5-29

Module 6: Analyzing activity with advanced auditing and log analytics


Module Overview 6-1
Lesson 1: Overview of auditing 6-2

Lesson 2: Advanced auditing 6-8

Lesson 3: Windows PowerShell auditing and logging 6-14

Lab: Configuring advanced auditing 6-19

Module Review and Takeaways 6-25

Module 7: Deploying and configuring Advanced Threat Analytics and Microsoft Operations Management Suite
Module Overview 7-1

Lesson 1: Deploying and configuring ATA 7-2

Lesson 2: Deploying and configuring Microsoft Operations Management Suite 7-14

Lesson 3: Deploying and configuring Azure Security Center 7-23

Lab: Deploying ATA, Microsoft Operations Management Suite, and Azure Security Center 7-27

Module Review and Takeaways 7-34

Module 8: Secure virtualization infrastructure


Module Overview 8-1

Lesson 1: Guarded fabric 8-2

Lesson 2: Shielded and encryption-supported virtual machines 8-17

Lab: Guarded fabric with Admin-trusted attestation and shielded VMs 8-25

Module Review and Takeaways 8-32



Module 9: Securing application development and server-workload infrastructure
Module Overview 9-1

Lesson 1: Using the SCT 9-2


Lab A: Using the SCT 9-9

Lesson 2: Understanding containers 9-13

Lab B: Deploying and configuring containers 9-25


Module Review and Takeaways 9-29

Module 10: Planning and protecting data


Module Overview 10-1

Lesson 1: Planning and implementing encryption 10-2


Lesson 2: Planning and implementing BitLocker 10-10

Lab: Protecting data by using encryption and BitLocker 10-24

Lesson 3: Protecting data by using Azure Information Protection 10-31

Module Review and Takeaways 10-39

Module 11: Optimizing and securing file services


Module Overview 11-1

Lesson 1: File Server Resource Manager 11-2

Lesson 2: Implementing classification and file management tasks 11-16

Lab A: Quotas and file screening 11-21

Lesson 3: Dynamic Access Control 11-25

Lab B: Implementing Dynamic Access Control 11-42

Module Review and Takeaways 11-50

Module 12: Securing network traffic with firewalls and encryption


Module Overview 12-1

Lesson 1: Understanding network-related security threats 12-2

Lesson 2: Understanding Windows Firewall with Advanced Security 12-7

Lesson 3: Configuring IPsec 12-13

Lab: Configuring Windows Firewall with Advanced Security 12-26

Lesson 4: Datacenter Firewall 12-31

Module Review and Takeaways 12-36



Module 13: Securing network traffic


Module Overview 13-1

Lesson 1: Configuring advanced DNS settings 13-2


Lab A: Securing DNS 13-14

Lesson 2: Examining network traffic with Message Analyzer 13-18

Lesson 3: Securing and analyzing SMB traffic 13-27


Lab B: Microsoft Message Analyzer and SMB encryption 13-32

Module Review and Takeaways 13-37

Lab Answer Keys


Module 1 Lab: Basic breach detection and incident response strategies L1-1

Module 2 Lab A: Implementing user rights, security options, and group managed service accounts L2-5

Module 2 Lab B: Configuring and deploying LAPS L2-10


Module 3 Lab: Limiting administrator privileges with JEA L3-13

Module 4 Lab: Limiting administrator privileges with PAM L4-17


Module 5 Lab: Securing applications with Windows Defender, AppLocker, and Windows Defender Device Guard Rules L5-25

Module 6 Lab: Configuring advanced auditing L6-31

Module 7 Lab: Deploying ATA, Microsoft Operations Management Suite, and Azure Security Center L7-37

Module 8 Lab: Guarded fabric with Admin-trusted attestation and shielded VMs L8-45

Module 9 Lab A: Using the SCT L9-51

Module 9 Lab B: Deploying and configuring containers L9-55

Module 10 Lab: Protecting data by using encryption and BitLocker L10-59


Module 11 Lab A: Quotas and file screening L11-69

Module 11 Lab B: Implementing Dynamic Access Control L11-73

Module 12 Lab: Configuring Windows Firewall with Advanced Security L12-83

Module 13 Lab A: Securing DNS L13-89

Module 13 Lab B: Microsoft Message Analyzer and SMB encryption L13-93
