CyberOps Windows Hardening: Windows Server Hardening Best Practices

CyberOps Windows Hardening: Windows Server Hardening Best Practices

• discover the key concepts covered in this course
• outline key concepts related to Windows Server hardening
• remove unneeded software from a Windows server
• disable an unneeded service on a Windows server and illustrate how to modify the security context of that service
• outline security best practices to harden Windows Server user accounts
• implement a password policy to prevent dictionary attacks on a Windows server
• implement an account lockout policy on a Windows server to stop brute force attacks
• control or limit group membership on a Windows server
• describe common techniques to secure Windows Server file systems
• add additional security by customizing the user rights of a Windows server
• outline advanced steps used to harden a Windows server
• use techniques to harden Windows DNS servers
• use techniques to harden Windows IIS web servers
• define what is meant by auditing and interrelate it to Windows Server hardening
• monitor activity using Windows Server auditing
• summarize the key concepts covered in this course

Windows servers are the heart of many corporate networks and may contain sensitive company data that, if leaked or stolen by an attacker, would be catastrophic. Protecting the Windows Server assets and preventing a security compromise is an important skill for IT security professionals to master. In this course, you'll learn how to help prevent security incidents by hardening the Windows Server and reducing the attack surface. You'll learn how to follow common security best practices to lock down a Windows system by hardening user accounts, passwords, services, the file system, and common network services, such as DNS and IIS.

CyberOps Windows Hardening: Windows Workstation Hardening Best Practices

CyberOps Windows Hardening: Windows Workstation Hardening Best Practices

• discover the key concepts covered in this course
• list common BIOS/UEFI settings used to help secure a Windows system
• demonstrate how to harden user accounts on a Windows workstation
• demonstrate how to restrict the software that can run on a Windows workstation using an AppLocker policy
• demonstrate how to uninstall unneeded Windows components and harden Windows services on a Windows workstation
• illustrate the importance of patching a Windows system
• demonstrate how to create a password policy on a Windows workstation to prevent dictionary attacks
• demonstrate how to create an account lockout policy on a Windows workstation to prevent brute force attacks
• demonstrate how to manipulate Windows user rights
• demonstrate how to implement full disk encryption with BitLocker
• demonstrate how to use BitLocker To Go to encrypt removable media
• demonstrate the configuration of Windows Defender as antimalware
• demonstrate how to configure auditing on a Windows workstation
• demonstrate the use of security templates on a Windows system
• summarize the key concepts covered in this course

If successful in exploiting your Windows workstations, hackers could move laterally across the network to compromise other assets like your servers and databases, which contain sensitive information.

In this course, you'll learn how to protect your Windows workstations by following standard operating system hardening procedures to reduce the attack surface and help prevent a security compromise.

You'll learn how to secure a workstation by implementing hardening procedures related to the BIOS/UEFI. You'll carry out user account and group membership security strategies. You'll practice reducing unneeded software, patching the system, configuring user rights, and setting up auditing.

Additionally, you'll work with full disk encryption, antivirus methods, firewall software, and security templates. To carry out this work, you'll utilize BitLocker, AppLocker, and Windows Defender.