Module 1: Building a secure platform
This module introduces the foundational security features of Windows Server and how to establish a hardened platform.
- Review Windows Server editions and security capabilities
- Configure secured-core server features
- Protect virtual machines using platform security controls
Module 2: Updating Windows and hardening the operating system
Learn how to maintain secure and up-to-date server environments using modern servicing and hybrid management tools.
- Review Windows Server servicing options
- Configure hybrid integration with Azure Arc
- Implement Windows Server Hotpatch
- Apply security baselines to harden servers
Module 3: Protecting identities
Explore identity protection strategies and authentication controls to reduce the risk of compromise.
- Understand identity management in Windows Server
- Manage computer accounts securely
- Configure authentication policies and controls
- Harden Kerberos and restrict NTLM usage
- Secure Windows services using managed service accounts
Module 4: Secure administration
This module focuses on implementing least privilege and securing administrative access.
- Understand groups and group scopes
- Plan and implement secure administration strategies
- Assign privileges using user rights
- Use groups to manage administrative roles
- Delegate administrative tasks securely
- Configure Windows LAPS
- Secure privileged access
Module 5: Deploying and managing certificates
Gain the skills to implement and manage encryption using a public key infrastructure.
- Review encryption technologies
- Understand public key infrastructure concepts
- Deploy Active Directory Certificate Services
- Manage certificate templates
- Deploy and manage certificates
- Use the central certificate store with IIS
Module 6: Data security
Learn how to secure data both at rest and in transit using built-in Windows Server technologies.
- Configure NTFS permissions for secure file systems
- Implement Dynamic Access Control
- Secure shared folder access
- Configure SMB signing and encryption
- Implement SMB over QUIC
- Protect data using Encrypting File System
- Deploy and manage BitLocker
Module 7: Advanced auditing and monitoring
Understand how to track, audit, and monitor security events across your server environment.
- Understand auditing concepts and strategy
- Configure advanced auditing policies
- • Integrate with Azure Monitor
- • Audit Windows PowerShell activity