Black Belt Securing Windows Client and Server with Sami Laiho
This is a course for all administrators and security professionals who want to make sure their environments are ready for the new security era where traditional security measures like anti-malware are not effective anymore, and who want to make the best out of what Windows 10, 11 and Server has to offer.
Kursen hålls på begäran
Kontakta oss för mer information.
Telefon: 08-562 557 50
E-post: kursbokning@cornerstone.se
Gartner has said that one of the most needed changes in enterprise security is to move to a least privilege approach, whitelisting of applications and overall proactive security. Microsoft said in February 2018 that 85% of all security threats would have been mitigated by moving to proactive security. In year 2017 all major antimalware companies reported more than 1.000.000 new malware samples EVERY day!
Do you really need more convincing that you need to do it as well than these facts. Well there is more just to make you sure ;) Whitelisting is considered as the most recommended security feature for 2018 and up, and it’s also a NATO requirement for Windows 10 implementations.
While the client and the server versions share the same Kernel there are certain things that only apply to Windows Servers – this course also includes the needed info on how to protect Windows Server and infrastructure services!
Target Audience and Prerequisites
This training is intended for all administrators and security professionals who want to make sure their environments are ready for the new security era where traditional security measures like anti-malware are not effective anymore, and who want to make the best out of what Windows has to offer. Sami teaches nurses, devs and CSO’s so don’t be afraid - just join the class!
To attend the class you need to have basic experience with Windows administration, basic understanding of Active Directory and basic understanding of networking infrastructure.
Sami Laiho
This training is delivered by Sami Laiho - one of the top Windows OS professionals globally. Sami has been awarded as Best Speaker and his OS sessions as Best Session in multiple Microsoft TechEd’s and other conferences. Sami has been working with OS internals and security for almost 20 years and teaching the art for more than 15 years. Read more on Sami's website
Said about Sami
The quotes below are from our evaluation form after a previous class with Sami:
- “Sami is a great Trainer with a lot of experience in windows systems.”
- “I thought I understood the material well before I took part in this course, I was wrong. This course although short it was sufficient, both direct and fun. I would recommend this for anyone that wants to work in IT and also for all that work in the IT business.“
- “If you really need to know something about windows8, this seminar/training is a must. He delivers everything in a lively manner, and it´s not just educational, it´s fun.”
- “Do you want to learn Win-Fu?”
- “Great insight into Windows security”
- “Funni finnish guy that teaches you to be a pro when it comes to windows!”
- “Sami you get 5 out of 5 stars for keeping things interesting and fun while still making people understand and learn.”
- “Great speaker, and has good sense of humor :-), what else can you ask for ?”
- “Funny,interesting and during those 4 days i learned ALOT"
Course Details
- Introduction to the current and future state of IT security
- The showcase of how Windows really gets hacked!
- Implementing hard disk encryption – Building a BulletProof BitLocker!
- Implementing shielded VMs and Virtual TPMs
- Cornerstones of Windows Security – How the Security Subsystem really works
- Using Baselines to protect clients and servers (and how to fix Microsoft’s broken default ones)
- Implementing the principle of least privilege – getting rid of admin rights!
- Correct use of different levels of admin accounts in an enterprise
- Why and How to use UAC effectively
- Using containers and Windows Defender Application Guard to increase security
- Server 2016/2019/2022 Bastion/Red/ESAE forests and how to secure Active Directory
- Protecting infrastructure services like DHCP, DNS and AD DCs
- Mitigating Pass-The-Hash attacks and what ever Mimikatz can do to you
- Implementing Credential Guard and other Secure Kernel technologies
- Getting rid of lateral movement of admin accounts – Implementing a three tier infrastructure
- Correct decisions when choosing secure hardware in the future
- Moving to Biometrics and Two-Factor Authentication
- Implementing the PAW – Privileged Access Workstation
- Securely managing Servers
- Protections RDP-connections
- Implementing Whitelisting in Windows
- AppLocker and Device Guard in Windows Client
- Implementing REALISTIC Security in REAL life – comparing Office desktops to workstations that can launch missiles