WARSAW - Training Agenda (EN)
WARSAW - Training Agenda (PL)
Are you in need of dedicated IT security training? Invite us over! We deliver
worldwide!
This course is Level 3 in the CQURE Academy Learning Path!
About the Trainer
Paula Januszkiewicz
Paula is an IT Security Auditor and Penetration Tester, Enterprise
Security MVP, trainer (MCT) and Microsoft Security Trusted Advisor.
She is also a top speaker at many well-known conferences (for
example TechEd North America, TechEd Europe, TechEd Middle East,
TechDays worldwide, RSA worldwide, CyberCrime, etc.) and a
published author of articles on Windows security. She has conducted
hundreds of IT security audits and penetration tests, including
those for military customers. Her distinct specialization is
Microsoft security solutions, a field in which she holds multiple
Microsoft certifications (MCITP, MCTS, MCSE, MCDBA, etc.). A number
of certifications in other related technologies round out her
expert portfolio. Paula is passionate about sharing her knowledge
with others. In her private time, she enjoys researching new
technologies, which she converts into authored trainings. She
authored a book on Threat Management Gateway 2010. She has been
doing penetration tests for 10 years now! She has official access
to the source code for Windows!
Overview
Windows infrastructure hardening has become a mandatory step
performed on a regular basis by any organization that sees security
as a priority. Businesses nowadays are almost fully dependent on IT
services, which makes the hardening and securing processes even more
intense. The number of possible attack surfaces has grown
exponentially, in direct relation to the increasingly competitive
technology field, where developers try to achieve more and more
functionality from implemented solutions and applications. CAST 616:
Securing Windows Infrastructure is designed with the single purpose
of providing Info-Sec professionals with the complete knowledge and
practical skills necessary to secure their network infrastructure,
which is fast becoming, if it is not already, a top priority and a
major technical challenge for most security-conscious organizations.
This 3-day training dives deep into the key aspects of solving
infrastructure-related problems by understanding how Windows
internal security mechanisms actually work and how they can be
further optimized without jeopardizing or loosening an
organization's IT environment configuration settings, which becomes
common as time passes. Some of the highlights of this course are
techniques used in kernel debugging, malware hunting, a deep dive
into BitLocker and the automation of the whole hardening process.
Target audience
- Enterprise administrator
- Infrastructure architect
- Security professional
- System engineer
- Network administrator
- IT professional
- Security consultant
Prerequisites
To attend this training you should have good hands-on
experience in administering Windows infrastructure. At least 8
years in the field is recommended.
Materials
Authors' unique tools, over 200 pages of exercises,
presentation slides with notes.
Certification
At the end participants will receive the Certificate of
Achievement signed by the CQURE Trainer.
Agenda
Module 1. Designing Secure Windows Infrastructure
1. Providing the complete knowledge for the areas that can be secured
Module 2. Securing Windows Platform
1. Defining and disabling unnecessary services
2. Implementing secure service accounts, permissions and privileges
3. Driver signing
Module 3. Malware Protection
1. Techniques used by modern malware
2. Malware investigation techniques
3. Analyzing cases of real malware
4. Implementing protection mechanisms
Module 4. Managing Physical Security
1. Managing port security: USB, FireWire, and others
2. Mitigating Offline Access
3. Implementing and managing BitLocker
Module 5. Deploying and configuring Public Key Infrastructure
1. Role and capabilities of the PKI in the infrastructure
2. Designing PKI architecture
3. PKI Deployment - Best practices
Module 6. Configuring Secure Communication
1. Deploying and managing Windows Firewall - advanced and useful features
2. Deploying and configuring IPsec
3. Deploying secure Remote Access (VPN, DirectAccess, Workplace Join, RDS Gateway)
4. Deploying DNS and DNSSEC
Module 7. Securing Web Server
1. Configuring IIS features for security
2. Deploying Server Name Indication and Centralized SSL Certificate Support
3. Monitoring Web Server resources and performance
4. Deploying Distributed Denial of Service attack prevention
5. Deploying Network Load Balancing and Web Farms
Module 8. Providing Data Security and Availability
1. Designing data protection for Microsoft Office, PDF and other file types
2. Deploying Active Directory Rights Management Services
3. Deploying File Classification Infrastructure and Dynamic Access Control
4. Configuring a secure File Server
5. Hardening basics for Microsoft SQL Server
6. Clustering selected Windows services
Module 9. Mitigating the common password attacks
1. Performing Pass-the-Hash attack
2. Performing the LSA Secrets dump
Module 10. Automating Windows Security
1. Implementing Advanced GPO Features
2. Deploying Software Restriction: AppLocker
3. Advanced PowerShell for administration