Press esc to close
Press esc to close
Fill out your contact details below and our training experts will be in touch.
If you wish to make any changes to your course, please log a ticket and choose the category ‘booking change’
Back to Course Information
Module 1: Attacks, breach detection, and Sysinternals tools
This module introduces delegates to the concepts and ideas of security in Microsoft specific environments. Delegates are introduced to the “assume breach” philosophy and encourages them to consider the different types of attacks that can occur. Additionally, delegates are taught about key resources, how they detect and respond to an incident, and how an organisation’s needs and requirements determine the overall security policy.
Lab: Basic breach detection and incident response strategies
Module 2: Protecting credentials and privileged access
This module explores computer and service accounts, user accounts and rights, credentials, the Local Administrator Password Solution, and Privileged Access Workstations. Delegates will learn about configuring user rights and security options, protecting credentials by using Credential Guard, implementing Privileged Access Workstations, and managing and deploying Local Administrator Password Solution to manage local administrator account passwords.
Lab: Implementing user rights, security options, and group managed service accounts
Lab: Configuring and deploying LAPs
Module 3: Limiting administrator rights with Just Enough Administration
In this module, delegates will learn how to deploy and configure Just Enough Administration (JEA), which is a technology that allows delegates to apply role-based access control (RBAC) principles through Windows PowerShell remote sessions.
Lab: Limiting administrator privileges with JEA
Module 4: Privileged access management and administrative forests
This module explores Enhanced Security Administrative Environment (ESAE) forests, Microsoft Identity Manager (MIM), and Just In Time (JIT) Administration, or Privileged Access Management (PAM).
Lab: Limiting administrator privileges with PAM
Module 5: Mitigating malware and threats
In this module, delegates will learn how to use tools such as Windows AppLocker, Windows Defender, Microsoft Device Guard, Windows Defender Application Guard, and Windows Defender Exploit Guard.
Lab: Securing applications with Windows Defender, AppLocker, and Device Guard Rules
Module 6: Analysing activity with advanced auditing and log analytics
This module broadly covers the concepts and techniques of general auditing, and then focusing on how to configure advanced auditing, Windows PowerShell auditing, and logging.
Lab: Configuring advanced auditing
Module 7: Deploying and configuring Advanced Threat Analytics and Microsoft Operations Management Suite
This module provides delegates with the opportunity to explore the Microsoft Advanced Threat Analytics tool and the Microsoft Operations Management suite (OMS). Delegates will learn how to use them to monitor and analyse the security of a Windows Server deployment. Microsoft Azure Security Centre will also be covered, which allows users to manage and monitor the security configuration of workloads both on-premises and in the cloud.
Lab: Deploying ATA, Microsoft Operations Management Suite, and Azure Security Centre
Module 8: Secure Virtualisation Infrastructure
Delegates will learn how to configure Guarded Fabric VMs, including the requirements for shielded and encryption-supported VMs.
Lab: Guarded fabric with Admin-trusted attestation and shielded VMs
Module 9: Securing application development and server-workload infrastructure
This module provides delegates with an understanding of the SCT, which is a free, downloadable set of tools that can be used to create and apply security settings. Delegates will also learn about improving platform security by reducing the size and scope of application and compute resources by containerising workloads.
Lab: Using SCT
Lab: Deploying and configuring containers
Module 10: Planning and protecting data
In this module, delegates will learn how to configure Encrypting File System (EFS) and BitLocker drive encryption to protect data at rest. This module will also cover how to extend protection into the cloud by using Azure Information Protection.
Lab: Protecting data by using encryption and BitLocker
Module 11: Optimising and securing file services
This module provides delegates with an understanding of file optimisation services through configuring File Server Resource Manager (FSRM) and Distributed File System (DFS). Delegates also will learn how to manage access to shared files by configuring Dynamic Access Control (DAC).
Lab: Quotas and file screening
Lab: Implementing Dynamic Access Control
Module 12: Securing network traffic with firewalls and encryption
In this module, delegates will learn how you to use Windows Firewall as an integral part of an organisation’s protection strategy. It covers the use of Internet Protocol security (IPsec) to encrypt network traffic and to establish security zones on your network. Delegates will also gain an understanding about the Datacenter Firewall feature that can be used to help protect on-premises virtual environments.
Lab: Configuring Windows Firewall with Advanced Security
Module 13: Securing network traffic
This module covers a selection of the Windows Server 2016 technologies that can be used to help mitigate network-security threats. It explains how you can configure DNSSEC to help protect network traffic, and use Microsoft Message Analyser to monitor network traffic. Delegates will also learn how to secure Server Message Block (SMB) traffic.
Lab: Securing DNS
Lab: Microsoft Message Analyser and SMB encryption
This course is for IT professionals who require the ability to use Windows Server 2016. Delegates will typically have experience in domain-based activities, managing access, and using cloud services.
Students who are seeking certification in the 70-744 Securing Windows server exam, will also benefit from this course.
Students are expected to have a minimum of two years’ experience in the IT field and should have:
This five-day course is designed to teach IT professionals about infrastructure security enhancements. Focus is firstly placed on identifying past network breaches to highlight vulnerabilities and raise awareness. This will ultimately help to teach delegates how to protect their IT infrastructures and ensure administrators have controlled access.
Delegates will learn how to use auditing to identify security issues, alongside the Advanced Threat Analysis feature of Windows Server 2016. The course will also cover the nature of malware threats and how to deal with them, securing a virtualisation platform, and deployment options. Delegates will also have the opportunity to learn about using encryption and dynamic access control.
Why choose us
Our easy to use Virtual platform allows you to sit the course from home with a live instructor. You will follow the same schedule as the classroom course, and will be able to interact with the trainer and other delegates.
Our fully interactive online training platform is compatible across all devices and can be accessed from anywhere, at any time. All our online courses come with a standard 90 days access that can be extended upon request. Our expert trainers are constantly on hand to help you with any questions which may arise.
This is our most popular style of learning. We run courses in 1200 locations, across 200 countries in one of our hand-picked training venues, providing the all important ‘human touch’ which may be missed in other learning styles.
All our trainers are highly qualified, have 10+ years of real-world experience and will provide you with an engaging learning experience.
We only use the highest standard of learning facilities to make sure your experience is as comfortable and distraction-free as possible
We limit our class sizes to promote better discussion and ensuring everyone has a personalized experience
Get more bang for your buck! If you find your chosen course cheaper elsewhere, we’ll match it!
This is the same great training as our classroom learning but carried out at your own business premises. This is the perfect option for larger scale training requirements and means less time away from the office.
Our courses can be adapted to meet your individual project or business requirements regardless of scope.
Cut unnecessary costs and focus your entire budget on what really matters, the training.
This gives your team a great opportunity to come together, bond, and discuss, which you may not get in a standard classroom setting.
Keep track of your employees’ progression and performance in your own workspace.
Course was run very smoothly, Richard our trainer was extremely knowledgeable and delivered the course in a succinct fashion with a twist of humour thrown in.
The course was great and the so was the trainer - brilliantly delivered and I would certainly recommend this course to my colleagues. Thanks to Richard for a great course and delivering it a tough environment virtually.
Richard was very knowledgeable and explained well
You won't find better value in the marketplace. If you do find a lower price, we will beat it.
The Knowledge Academy is a Microsoft Silver Partner, hence we are fully accredited
Flexible delivery methods are available depending on your learning style.
Resources are included for a comprehensive learning experience.
"Really good course and well organised. Trainer was great with a sense of humour - his experience allowed a free flowing course, structured to help you gain as much information & relevant experience whilst helping prepare you for the exam"
Joshua Davies, Thames Water