Advanced Windows Security Master Class

 


The first and most important line of defense for any system is the computing infrastructure. Once the infrastructure is compromised, all bets are off: at that point it doesn’t really matter how secure the applications that run on it are, you’ve been hacked! It is therefore of the utmost importance that the people managing critical infrastructure are aware of the various ways the operating system can be attacked, the possible points of entry, and how to harden their systems and defend against malicious attackers from inside and outside the organization.

This deep dive into Windows Security starts off by covering fundamental concepts of Windows Security Internals, such as the built-in operating system protection mechanisms, identification of weak protection mechanisms, advanced access rights, and password mechanisms. To drive the point home, the presenter demonstrates some of the bad things that can happen on your systems, including obtaining unauthorized access. This part might shock you.

The presenter will then show you the ways to defend against the various attack vectors, and how to monitor for malicious activity. This includes establishing operating system protection, configuring efficient monitoring and what these monitoring points are, advanced configuration of Windows Internals security, and advanced troubleshooting techniques. The course continues to cover Windows Network Security (monitoring and protection), Managing Security with PowerShell, Advanced Troubleshooting and Monitoring (including malware inspection, monitoring particular operating system events, and introduction to debugging), and much more.

This exhaustive course covers advanced Windows operating system security on Windows 7, Windows 8 and Windows Server 2008 R2, as well as comparisons to older Microsoft operating systems. The attendees get not only the workbook, but also a proprietary set of useful tools and techniques to use on their own systems.

Don’t miss this unique opportunity to learn Advanced Windows Security from the IDesign Security Architects who will share vast practical, real-world, battle-proven experience in protecting real-world systems.

Who Should Attend:

Network administrators, infrastructure architects, security professionals, systems engineers, IT professionals, security consultants and other people responsible for implementing network and perimeter security.

Course Outline:

Windows Internals

  • Introduction to the Windows 7, Windows 8, and Windows Server security concepts
  • Operating system files security
  • Passwords security (techniques of getting and cracking passwords)
  • Process Monitoring (Advanced Process Explorer, Process Monitor, and other tools)
  • Integrity Levels
  • Session Zero
  • Priorities in the operating system (influencing the operating system continuity)
  • Kernel-Mode vs. User-Mode execution
  • Driver signing (Windows Driver Foundation)
  • Advanced privileges for operating system objects and rights
  • User Account Control Virtualization
  • Registry Internals
  • Auditing privileges with PowerShell
  • PowerShell for Security (deep-dive into Windows Internals) + Windows 8 update
  • WMI for Security

Infrastructure Security Solutions

  • Advanced AppLocker implementation techniques
  • Advanced BitLocker implementation techniques
  • Advanced Security Configuration Wizard
  • Advanced IPsec
  • Advanced GPO
  • Practicing Diagnostic and Recovery Toolkit
  • Networking Services Security (DNS, DHCP, SNMP, SMTP and other)
  • Volume Shadow Copy Service from the security perspective
  • Tools

Debugging and Auditing

  • Available debuggers
  • Working with symbols
  • Process debugging
  • Kernel-mode debugging
  • User-mode debugging
  • Setting up kernel debugging with a virtual machine as the target
  • Debugging the boot process
  • Crash dump analysis
  • Auditing tools and techniques
  • Monitoring Registry Activity
  • Rootkit Detection

Points of Entry Analysis

  • Offline access
  • Linux BackTrack / other tools vs. Windows Security
  • Unpatched Windows and assigned attacks
  • Advanced network sniffing
  • Fingerprinting techniques
  • Enumeration techniques
  • Domain Controller attacks
  • Services security
  • Man-in-the-Middle attacks

Wireless Hacking

  • Wireless technology recognition
  • Wireless fingerprinting
  • Wireless hacking ideas and demos
  • Optimizing wireless hacking
  • Protecting wireless networks




Date & Location

 

http://www.haeckers-kurhotel.de/hotel-startseite-bad-ems-en.phtml

Bad Ems, Germany

TBD
Advanced Windows Security

Paula Januszkiewicz is an IT Security Auditor and Penetration Tester with nearly a decade of experience in infrastructure security. Paula is a Microsoft Enterprise Security MVP, Microsoft Certified Trainer, and a Microsoft Security Trusted Advisor. She specializes in Security, deep Windows operating system topics, and Virtualization.
Paula is passionate about sharing her knowledge with others; she is consistently rated as a top speaker at many international conferences, and writes articles on Windows Security. Paula enjoys researching new technologies and describes them on her blog http://blogs.technet.com/plwit. She is also a co-author of the Planning, Deploying and Managing Microsoft Forefront Threat Management Gateway 2010 security course.