87795 - Masterclass: Windows Security and Infrastructure Management
5-day course

Masterclass: Windows Security and Infrastructure Management

Learn to see your infrastructure through a hacker's eyes. You will learn to configure password mechanisms appropriately, use PowerShell in security contexts, configure DNS, and much more that can protect your company against attacks.


IT security officers, security consultants, enterprise administrators, network managers, infrastructure architects, and IT professionals who implement networks or work with security.


Module 1: Windows Internals & System Architecture
  • Introduction to the Windows 7/8.1 and Windows Server 2008/2012 R2 security concepts
  • Architecture overview and terms
  • Key System Components
  • Processes, Threads and Jobs
  • Services, Functions and Routines
  • Sessions
  • Objects and Handles
  • Registry
  • Advanced Local Procedure Call
  • Information gathering techniques
  • Windows Debugging
  • Performance Monitor
  • Windows Driver Kit
  • Other useful tools
Module 2: Process and Thread Management
  • Process and thread internals
  • Protected processes
  • Process priority management
  • Examining Thread Activity
  • Process and thread monitoring and troubleshooting techniques (advanced usage of Process Explorer, Process Monitor, and other tools)
Module 3: System Security Mechanisms
  • Integrity Levels
  • Session Zero
  • Privileges, permissions and rights
  • Passwords security (techniques for getting and cracking passwords)
  • Registry Internals
  • Monitoring Registry Activity
  • Driver signing (Windows Driver Foundation)
  • User Account Control Virtualization
  • System Accounts and their functions
  • Boot configuration
  • Services architecture
  • Access tokens
  • Biometric framework for user authentication
Module 4: Debugging & Auditing
  • Available debuggers
  • Working with symbols
  • Windows Global Flags
  • Process debugging
  • Kernel-mode debugging
  • User-mode debugging
  • Setting up kernel debugging with a virtual machine as the target
  • Debugging the boot process
  • Crash dump analysis
  • Direct Kernel Object Manipulation
  • Finding hidden processes
  • Rootkit Detection
Module 5: Memory Analysis
  • Memory acquisition techniques
  • Finding data and activities in memory
  • Step-by-step memory analysis techniques
  • Tools and techniques to perform memory forensics
Module 6: Storage Management
  • Securing and monitoring Files and Folders
  • Protecting Shared Files and Folders by Using Shadow Copies
  • Implementing Storage Spaces
  • Implementing iSCSI
  • Implementing FSRM, managing Quotas, File Screens, and Storage Reports
  • Implementing Classification and File Management Tasks, Dynamic Access Control
  • Configuring and troubleshooting Distributed File System
Module 7: Startup and Shutdown
  • Boot Process overview
  • BIOS Boot Sector and Bootmgr vs. the UEFI Boot Process
  • Booting from iSCSI
  • Smss, Csrss, and Wininit
  • Last Known Good configuration
  • Safe Mode capabilities
  • Windows Recovery Environment (WinRE)
  • Troubleshooting Boot and Startup Problems
Module 8: Infrastructure Security Solutions
  • Windows Server Core Improvements in Windows Server 2012 R2
  • AppLocker implementation scenarios
  • Advanced BitLocker implementation techniques (provisioning, Standard User Rights and Network Unlock)
  • Advanced Security Configuration Wizard
  • IPSec
  • Advanced GPO Management
  • Practicing Diagnostic and Recovery Toolkit
  • Tools
Module 9: Layered Network Services
  • Network sniffing techniques
  • Fingerprinting techniques
  • Enumeration techniques
  • Networking Services Security (DNS, DHCP, SNMP, SMTP and others)
  • Direct Access
  • High Availability features: cluster improvements and SMB (Scale-Out File Server)
  • Network Load Balancing
  • Remote Access
  • Network Location Awareness
  • Wireless technology recognition
  • Wireless fingerprinting
  • Wireless hacking ideas and demos
  • Optimizing wireless hacking
  • Protecting wireless networks
Module 10: Monitoring and Event Tracing
  • Windows Diagnostic Infrastructure
  • Building auditing
  • Expression-based audit policies
  • Logging Activity for Accounts and processes
  • Auditing tools, techniques and improvements
  • Auditing removable storage devices
Module 11: Points of Entry Analysis
  • Offline access
  • Linux BackTrack / other tools vs. Windows Security
  • Unpatched Windows and assigned attacks
  • Domain Controller attacks
  • Man-in-the-Middle attacks
  • Services security


Kamil Baczyk is an Infrastructure and Security Expert, Office 365 Most Valuable Professional, trainer (Microsoft Certified Trainer) and Certified Technology Specialist (CTS). He is a member of Microsoft Windows Server System (WSS.PL) and one of the top speakers in the Warsaw Windows Users & Specialists Group (WGUiSW). He is a member of the International Association of Microsoft Certified Trainers (IAMCT), leader of the Polish Infrastructure Group (PiNG), and mentor for the WGUiSW Idol 2013 contest. His specializations relate to Microsoft Windows Server, Client, Virtualization, SharePoint, Office 365, ITIL and CEH.


Paula Januszkiewicz is a world-renowned Security Expert. Paula loves to perform Penetration Tests and IT Security Audits, and after all she says: 'harden 'em all'! She is an Enterprise Security MVP, trainer (MCT) and Microsoft Security Trusted Advisor.
