CIS 244 - Securing Windows Server

3 Credits, 4 Contact Hours
2 lecture periods 2 lab periods

Identify security issues through use of auditing and the Advanced Threat Analysis feature in Windows Server. Includes mitigation of malware threats, securing the virtualization platform, and use of deployment options such as Nano server and containers to enhance security. Also includes protecting access to files by using encryption and dynamic access control to enhance security.

Prerequisite(s): CIS 221  
Information: Content for this course is based on Microsoft Securing Server 2016 (Exam 70-744).
  

1. Create multiple levels of Windows server hardening.
2. Explain functional and technical impacts of using Windows server security baselines.
3. Analyze levels of authentication and threat protection.

A.       Disk and file encryption

B.       Server patching and updating

C.       Malware protection

D.       Credential protection

E.       Microsoft security compliance toolkit

II.         Virtualization

A.       Host guardian service

B.       Key protection services

C.       Shielded VMs

D.       Encrypted VMs

III.        Network Infrastructure

A.       Windows firewall

B.       Datacenter firewall

C.       IPSEC

D.       DNSSEC

IV.        Privileged Access Control

A.       Microsoft identity manager

B.       Just-Enough-Administration

C.       Privileged Access Workstations (PAWS)

D.       Local Administrator Password Solution (LAPS)

V.         Threat Detection

A.       Audit policies

B.       Microsoft advanced threat analytics

C.       Operations Management Suite (OMS)

VI.        Workload Specific Security

A.       Dynamic access control

B.       File server resource manager

C.       File classification infrastructure