MS 20744 - Securing Windows Server 2016

Module 1: Breach detection and using the Sysinternals tools

• Overview of breach detection
• Using the Sysinternals tools to detect breaches

Lab : Basic breach detection and incident response strategies

• Identifying attack types
• Using incident-response strategies
• Exploring the Sysinternals tools

Module 2: Protecting credentials and privileged access

• Understanding user rights
• Computer and service accounts
• Protecting credentials
• Understanding privileged-access workstations and jump servers
• Deploying a local administrator-password solution

Lab : User rights, security options, and group-managed service accounts

• Configuring security options
• Configuring restricted groups
• Delegating privileges
• Creating and managing group managed service accounts (MSAs)
• Configuring the Credential Guard feature
• Locating problematic accounts

Lab : Configuring and deploying LAPs

• Installing local administrator password solution (LAPs)
• Configuring LAPs
• Deploying LAPs

Module 3: Limiting administrator rights with Just Enough Administration

• Understanding JEA
• Configuring and deploying JEA

Lab : Limiting administrator privileges by using JEA

• Creating a role-capability file
• Creating a session-configuration file
• Creating a JEA endpoint
• Connecting to a JEA endpoint
• Deploying JEA by using Desire State Configuration (DSC)

Module 4: Privileged Access Management and administrative forests 

• Understanding ESAE forests
• Overview of MIM
• Implementing JIT and Privileged Access Management by using MIM

Lab : Limiting administrator privileges by using Privileged Access Management

• Using a layered approach to security
• Exploring MIM
• Configuring a MIM web portal
• Configuring the Privileged Access feature
• Requesting privileged access

Module 5: Mitigating malware and threats

• Configuring and managing Windows Defender
• Using software restricting policies (SRPs) and AppLocker
• Configuring and using Device Guard
• Using and deploying the Enhanced Mitigation Experience Toolkit

Lab : Securing applications by using AppLocker, Windows Defender, Device Guard Rules, and the EMET.

• Configuring Windows Defender
• Configuring AppLocker
• Configuring and deploying Device Guard
• Deploying and using EMET

Module 6: Analysing activity by using advanced auditing and log analytics

• Overview of auditing
• Understanding advanced auditing
• Configuring Windows PowerShell auditing and logging

Lab : Configuring encryption and advanced auditing

• Configuring auditing of file-system access
• Auditing domain logons
• Managing the configuration of advanced audit policies
• Windows PowerShell logging and auditing

Module 7: Analysing activity with Microsoft Advanced Threat Analytics feature and Operations Management Suite

• Overview of Advanced Threat Analytics
• Understanding OMS

Lab : Advanced Threat Analytics and Operations Management Suite

• Using ATA and OMS
• Preparing and deploying ATA
• Preparing and deploying OMS

Module 8: Securing your virtualization an infrastructure

• Overview of Guarded Fabric VMs
• Understanding shielded and encryption-supported VMs

Lab : Deploying and using Guarded Fabric with administrator-trusted attestation and shielded VMs

• Deploying Guarded Fabric VMs with administrator-trusted attestation
• Deploying a shielded VM

Module 9: Securing application development and server-workload infrastructure

• Using Security Compliance Manager
• Introduction to Nano Server
• Understanding containers

Lab : Using Security Compliance Manager

• Configuring a security baseline for Windows Server 2016
• Deploying a security baseline for Windows Server 2016

Lab : Deploying and Configuring Nano Server and containers

• Deploying, managing, and securing Nano Server
• Deploying, managing, and securing Windows Server containers
• Deploying, managing, and securing Hyper-V containers

Module 10: Protecting data with encryption

• Planning and implementing encryption
• Planning and implementing BitLocker

Lab : Configuring EFS and BitLocker

• Encrypting and recovering access to encrypted files
• Using BitLocker to protect data

Module 11: Limiting access to file and folders

• Introduction to FSRM
• Implementing classification management and file-management tasks
• Understanding Dynamic Access Control (DAC)

Lab : Configuring quotas and file screening

• Configuring FSRM quotas
• Configuring file screening

Lab : Implementing DAC

• Preparing DAC
• Implementing DAC

Module 12: Using firewalls to control network traffic flow

• Understanding Windows Firewall
• Software-defined distributed firewalls

Lab : Windows Firewall with Advanced Security

• Creating and testing inbound rules
• Creating and testing outbound rules

Module 13: Securing network traffic

• Network-related security threats and connection-security rules
• Configuring advanced DNS settings
• Examining network traffic with Microsoft Message Analyzer
• Securing SMB traffic, and analysing SMB traffic

Lab : Connection security rules and securing DNS

• Creating and testing connection security rules
• Configuring and testing DNSSEC

Lab : Microsoft Message Analyzer and SMB encryption

• Using Microsoft Message Analyzer
• Configuring and verifying SMB encryption on SMB shares

Module 14: Updating Windows Server

• Overview of WSUS
• Deploying updates by using WSUS

Lab : Implementing update management

• Implementing the WSUS server role
• Configuring update settings
• Approving and deploying an update by using WSUS
• Deploying Windows Defender definition updates by using WSUS

Veja ementa completa

• Completado os cursos 20740, 20741 e 20742, ou equivalente.
• Uma compreensão sólida e prática dos fundamentos da rede, incluindo TCP/IP, UDP e DNS.
• Uma compreensão sólida e prática dos princípios do Active Directory Domain Services (AD DS).
• Uma compreensão sólida e prática dos fundamentos de virtualização do Microsoft Hyper-V.

DMOC e Certificado oficial Microsoft.