You know you are valuable to employers if you can enhance the security of IT infrastructure in detail. Do you want to have the know-how of various network attacks and how it can impact the business process? This course will give you demanding power in an enterprise environment.
The 70-744 Securing Windows Server 2016 covers methods and technologies for hardening server environments and securing virtual machine infrastructures. In addition, the course introduces learners to the ideas of attacks, breaches, and detection. You will gain an understanding into protecting users and workstations before learning how to manage access for administrators.
The course will enhance your IT skills and improve your knowledge. It will provide you with the best opportunity to get hands-on experience and be able to use your skills in a highly virtualised environment.
The course content focuses on how to secure Windows Server 2016 environment. In addition, the course covers threat detection solutions like auditing, implementing Advanced Threat Analytics (ATA), and understanding of Operations Management Suite (OMS) solutions, and the use of Nano Server for particular server workloads to list down just a few.
We offer hundreds of practice questions, simulated certification exams and extensive study material. Our latest practice exam online can be your first step to gain Microsoft certification and help you pass the exam 100%.
We recommend that learners review the exam preparation tutorial and become familiar with the resources before scheduling the exam. In addition, you will be given extra time, so that you can enjoy the flexibility of training and studying at your own pace.
The course is internationally recognised and accredited to a training organisation and you will be issued an internationally recognised qualification following full completion of 70-744 Securing Windows Server 2016.
As improvements and advancements are made in technology, online courses are no longer just conventional means of studying at affordable costs. In many aspects online training offers superiority to traditional learning. There is an effectiveness and convenience that traditional learning cannot provide. The overall convenience and flexibility makes it a superior learning method.
1Training offers the most convenient path to gain an internationally recognised qualification that will give you the opportunity to put into practice your skill and expertise in an enterprise or corporate environment. You can study at your own pace at 1Training and you will be provided with all the necessary material, tutorials, qualified course instructor and multiple free resources which include Free CV writing pack, Nus Discounted Card, Free career support and course demo to make your learning experience more rewarding.
Learners should be familiar with the methods and technologies used to harden server environments and secure virtual machine infrastructures
The course will be directly delivered to you, and you will have unlimited access 24/7. You have 12 months access to the online learning platform from the date you joined the course, and you can do it from anywhere, anytime.
This exam measures your ability to accomplish the technical tasks listed under Learning Outcomes. Microsoft has written out these categories and assigned a percentage to each one. The percentage represents the weight they carry within the exam.
At the end of the course learners will be assessed by an official exam. Please note that we do not provide the official exam, which you will need to purchase separately. You can purchase the exam here: https://www.microsoft.com/en-us/learning/exam-70-742.aspx
Those who successfully complete the exam will be awarded a certificate in 70-744 Securing Windows Server 2016.
The certificate will be awarded by Microsoft. You can make your CV standout with an internationally recognised qualification and employers will be encouraged to see how you have expanded your skills in your chosen field.
Once you successfully complete the exam you will be qualified to become a Database Administrator, Computer Support Specialist and Information Security Analyst and can work for a number of IT enterprises. The qualification will also put you in line to demand a higher salary or job promotion. The average UK salary for a Computer Support Specialist is £25,413 per year according to https://www.payscale.com.
➤ Module 1: Introduction to Attacks, Breaches, and Detection | |||
Lesson A: Understanding Types of Attacks | |||
1.1 Assume Breach | |||
1.2 Methods of Attack | |||
1.3 Attack Stages | |||
1.4 Prioritizing Resources | |||
1.5 Incident Response Strategy | |||
1.6 Ensuring Compliance | |||
Lesson B: Detecting Security Breaches | |||
2.1 Locating Evidence | |||
2.2 Event Logs | |||
2.3 Examining Other Configurations | |||
Lesson C: Using Sysinternals Tools | |||
3.1 Introducing Sysinternals | |||
3.2 Demo – Examining Sysinternals Tools | |||
3.3 System Monitor | |||
3.4 AccessChk | |||
3.5 Autoruns | |||
3.6 LogonSessions | |||
3.7 Process Explorer | |||
3.8 Process Monitor | |||
3.9 Sigcheck | |||
3.10 Demo – Using Sysinternals Tools | |||
3.11 Chapter 01 Review | |||
➤ Module 2: Protecting Users and Workstations | |||
Lesson A: User Rights and Privileges | |||
1.1 Principle of Least Privilege | |||
1.2 Configuring User Rights | |||
1.3 Configuring Account Security Options | |||
1.4 Demo – User Rights and Account Security Options | |||
1.5 Account Security Controls | |||
1.6 Complexity Options | |||
1.7 Password and Lockout Policies | |||
1.8 Demo – Configuring Account Policies in Group Policy | |||
1.9 Configuring Fine-Grained Password Policies | |||
1.10 Understanding PSO Application | |||
1.11 Protected Users Security Groups | |||
1.12 Delegating Administrative Control | |||
1.13 Demo – Delegating Control in AD DS | |||
1.14 Local Administrator Password Solutions (LAPS) | |||
1.15 LAPS Requirements | |||
1.16 LAPS Process | |||
1.17 Configuring and Managing Passwords | |||
1.18 Demo – Using LAPS | |||
Lesson B: Working with Computer and Service Accounts | |||
2.1 What is a Computer Account? | |||
2.2 Computer Account Functionality | |||
2.3 Working with Secure Channel Passwords | |||
2.4 Service Account Types | |||
2.5 Group MSAs | |||
2.6 Demo – Configuring Group MSAs | |||
Lesson C: Protecting User Credentials | |||
3.1 Introducing Credential Guard | |||
3.2 Credential Guard Requirements | |||
3.3 Configuring Credential Guard | |||
3.4 Verifying Credential Guard Operation | |||
3.5 Credential Guard Weaknesses | |||
3.6 NTLM Blocking | |||
3.7 Searching AD DS for Problem Accounts | |||
3.8 Demo – Locating Problem Accounts | |||
Lesson D: Using Privileged Access Workstations | |||
4.1 The Need for Privileged Access Workstations | |||
4.2 Privileged Access Workstations | |||
4.3 Jump Servers | |||
4.4 Securing Domain Controllers | |||
4.5 Chapter 02 Review | |||
➤ Module 3: Managing Administrative Access | |||
Lesson A: Understanding and Deploying JEA | |||
1.1 Introduction to JEA | |||
1.2 JEA Components | |||
1.3 Session Configuration Files | |||
1.4 Demo – Creating a Session Configuration File | |||
1.5 Role Capability Files | |||
1.6 Demo – Create a Role Capability File | |||
1.7 JEA Endpoints | |||
1.8 Demo – Creating a JEA Endpoint | |||
1.9 Connecting to JEA Endpoints | |||
1.10 Deploying JEA Endpoints | |||
Lesson B: Using Enhanced Security Administrative Environments (ESAE) Forests | |||
2.1 ESAE Forests | |||
2.2 Administrative Tiers | |||
2.3 ESAE Best Practices | |||
2.4 The Clean Source Principle | |||
2.5 Implementing the Clean Source Principle | |||
Lesson C: Using Microsoft Identity Manager | |||
3.1 Overview of MIM | |||
3.2 MIM Requirements | |||
3.3 MIM Service Accounts | |||
Lesson D: Using JIT Administration and PAM | |||
4.1 Overview of JIT Administration | |||
4.2 Privileged Access Management (PAM) | |||
4.3 PAM Components | |||
4.4 Creating an Administrative Forest | |||
4.5 Configuring Trust Relationships | |||
4.6 Shadow Principals | |||
4.7 Configuring the MIM Web Portal | |||
4.8 Managing and Configuring PAM Roles | |||
4.9 Chapter 03 Review | |||
➤ Module 4: Configuring Anti-Malware and Patch Management | |||
Lesson A: Configuring and Managing Windows Defender | |||
1.1 Understanding Malware | |||
1.2 Malware Sources | |||
1.3 Mitigation Methods | |||
1.4 Windows Defender | |||
1.5 Demo – Using Windows Defender | |||
Lesson B: Restricting Software | |||
2.1 Controlling Applications | |||
2.2 Software Restriction Policies | |||
2.3 Security Levels | |||
2.4 AppLocker | |||
2.5 Support for AppLocker | |||
2.6 AppLocker Rules | |||
2.7 Creating Default Rules | |||
2.8 Demo – Using AppLocker | |||
Lesson C: Using Device Guard | |||
3.1 Overview of Device Guard | |||
3.2 Device Guard Features | |||
3.3 Configuring Device Guard | |||
3.4 Device Guard Policies | |||
3.5 Deploying Code Integrity Policies | |||
3.6 Control Flow Guard | |||
Lesson D: Patch Management with WSUS | |||
4.1 Overview of WSUS | |||
4.2 Deployment Options | |||
4.3 Server Requirements | |||
4.4 Configuring Clients | |||
4.5 Administering WSUS | |||
4.6 Approving Updates | |||
4.7 Demo – Installing and Configuring WSUS | |||
4.8 Chapter 04 Review | |||
➤ Module 5: Auditing and Advanced Threat Analytics | |||
Lesson A: Configuring Auditing for Windows Server 2016 | |||
1.1 Overview of Auditing | |||
1.2 The Purpose of Auditing | |||
1.3 Types of Events | |||
1.4 Auditing Goals | |||
1.5 Auditing File and Object Access | |||
1.6 Demo – Configuring Auditing | |||
Lesson B: Advanced Auditing and Management | |||
2.1 Advanced Auditing | |||
2.2 Advanced Auditing Subcategories | |||
2.3 Dynamic Auditing | |||
2.4 Event Log Subscriptions | |||
2.5 Audit Collection Services (ACS) | |||
2.6 Demo – Configuring Event Forwarding | |||
2.7 Auditing with Windows PowerShell | |||
2.8 Demo – Using PowerShell with Audit Logs | |||
2.9 Transaction Logging | |||
2.10 Module Logging | |||
2.11 Script Block Logging | |||
2.12 Demo – Configuring PowerShell Logging | |||
Lesson C: Deploying and Configuring ATA | |||
3.1 Overview of ATA | |||
3.2 Usage Scenarios | |||
3.3 Deployment Requirements | |||
3.4 ATA Gateways | |||
3.5 Port Mirroring | |||
3.6 Configuring ATA Center | |||
Lesson D: Deploying and Configuring Operations Management Suite | |||
4.1 Introduction to Operations Management Suite | |||
4.2 Deployment Overview | |||
4.3 OMS Solutions | |||
4.4 Installing OMS | |||
4.5 OMS Solutions (Cont.) | |||
4.6 Chapter 05 Review | |||
➤ Module 6: Securing the Infrastructure | |||
Lesson A: Secure the Virtualization Infrastructure | |||
1.1 Introduction to Guarded Fabric | |||
1.2 Host Guardian Service | |||
1.3 Preparing HGS Nodes | |||
1.4 Installing and Configuring HGS | |||
1.5 Attestation and Encryption | |||
1.6 Attestation Methods | |||
1.7 Initializing HGS | |||
1.8 Configuring HSG Clients | |||
Lesson B: Deploying Security Baselines | |||
2.1 Security Compliance Manager (SCM) | |||
2.2 SCM Requirements | |||
2.3 Demo – Installing SCM | |||
2.4 Demo – Configuring and Deploying Security Baselines | |||
Lesson C: Deploying Nano Server | |||
3.1 Planning for Nano Server | |||
3.2 Understanding Nano Server Roles | |||
3.3 Installing Nano Server Roles | |||
3.4 Nano Server Installation | |||
3.5 Installation Steps | |||
3.6 Chapter 06 Review | |||
➤ Module 7: Configuring Data Protection | |||
Lesson A: Planning and Implementing File Encryption | |||
1.1 Introducing Encrypting File System | |||
1.2 EFS Features | |||
1.3 Encryption and Decryption | |||
1.4 Recovering EFS Files | |||
1.5 Demo – Using EFS | |||
Lesson B: Planning and Implementing BitLocker | |||
2.1 Overview of BitLocker | |||
2.2 BitLocker and TPMs | |||
2.3 BitLocker Requirements | |||
2.4 Tools for Configuring and Managing BitLocker | |||
2.5 Deploying BitLocker | |||
2.6 Demo – Deploying BitLocker | |||
2.7 BitLocker on Hyper-V VMs | |||
2.8 BitLocker and CSVs | |||
2.9 Enabling BitLocker for CSV | |||
2.10 Network Unlock | |||
2.11 Network Unlock Process | |||
2.12 BitLocker Recovery | |||
2.13 Microsoft BitLocker Administration and Monitoring (MBAM) | |||
2.14 Chapter 07 Review | |||
➤ Module 8: Advanced File Server Management | |||
Lesson A: Using File Server Resource Manager | |||
1.1 Capacity Management | |||
1.2 Storage Management | |||
1.3 Introduction to FSRM | |||
1.4 Storage Management with File Server Resource Manager | |||
1.5 Overview of FSRM | |||
1.6 Installing and Configuring FSRM | |||
1.7 Demo – Installing and Configuring FSRM | |||
1.8 Quota Management | |||
1.9 Demo – Create and Manage Quotas | |||
1.10 File Screening | |||
1.11 Using File Groups | |||
1.12 Exceptions and Templates | |||
1.13 Demo – Implementing File Screening | |||
1.14 Storage Reports | |||
1.15 Report Tasks | |||
1.16 Demo – Generating Storage Reports | |||
1.17 Automatic File Management | |||
Lesson B: Implementing Classification and File Management Tasks | |||
2.1 File Classification | |||
2.2 Classification Rules | |||
2.3 Demo – Configure File Classification | |||
2.4 File Management Tasks | |||
Lesson C: Working with Dynamic Access Control | |||
3.1 Overview of Dynamic Access Control | |||
3.2 Dynamic Access Control Scenarios | |||
3.3 DAC Technologies | |||
3.4 Understanding Identity | |||
3.5 Understanding Claims | |||
3.6 Types of Claims | |||
3.7 Central Access Policies | |||
3.8 Policy Components | |||
3.9 DAC Prerequisites | |||
3.10 Demo – Implementing DAC | |||
3.11 Chapter 08 Review | |||
➤ Module 9: Securing the Network Infrastructure | |||
Lesson A: Using the Windows Firewall with Advanced Security | |||
1.1 Types of Firewalls | |||
1.2 Well-Known Ports | |||
1.3 Host-Based Firewall | |||
1.4 Network Profiles | |||
1.5 Configuring the Windows Firewall | |||
1.6 Demo – Working with the Windows Firewall | |||
Lesson B: Datacenter Firewall | |||
2.1 Network Controller | |||
2.2 Datacenter Firewall | |||
2.3 Network Security Groups | |||
2.4 Scenarios for Datacenter Firewall | |||
Lesson C: Utilizing IP Security | |||
3.1 Overview of IP Security | |||
3.2 IPSec Protocols | |||
3.3 IPSec Usage Scenarios | |||
3.4 IPSec Configuration Tools | |||
3.5 Connection Security Rules | |||
3.6 Understanding Rule Types | |||
3.7 Rule Endpoints | |||
3.8 Authentication Settings | |||
3.9 Authentication Methods | |||
3.10 Encryption Settings | |||
3.11 Monitoring Connections | |||
3.12 Demo – Implementing IPSec | |||
Lesson D: Configuring Advanced DNS Settings | |||
4.1 Managing DNS Services | |||
4.2 Optimizing DNS Name Resolution | |||
4.3 The GlobalNames Zone | |||
4.4 Implementing DNS Security | |||
4.5 DNS Security (DNSSEC) | |||
4.6 Implementing DNSSEC | |||
4.7 Demo – Configuring DNSSEC | |||
4.8 Introducing DNS Policies | |||
4.9 Implementing DNS Policies | |||
4.10 RRL Feature | |||
4.11 Demo – Configuring DNS Policies | |||
Lesson E: Monitoring Network Traffic | |||
5.1 Microsoft Message Analyzer | |||
5.2 Demo – Using Microsoft Message Analyzer | |||
Lesson F: Securing SMB Traffic | |||
6.1 SMB 3.1.1 Protocol Security | |||
6.2 SMB Encryption Requirements | |||
6.3 Encrypting SMB Shares | |||
6.4 Disabling Support for SMB 1.0 | |||
6.5 Chapter 09 Review | |||
6.6 Course Closure |