Securing MS Windows Server 2008 R2 Environment

מק"ט: #7099 | משך קורס: 40 שעות אק'

This five-day instructor-led course provides students with the knowledge and skills to secure the Server 2008 R2 environment. During the course you will learn about the server 2008 R2 security capabilities and how to implement the defense in depth concept. In this course you will also learn how to secure the network infrastructure and the Server 2008 R2 Active Directory. This course is intended for individuals who already have some experience with network infrastructure and Active Directory technologies.

*שדות חובה
PDF version


  • Understand the Defense in Depth concept
  • Learn how to identify security threat
  • Understand the Server Hardening Process
  • Secure your Infrastructure using GPO
  • Understand and Manage  Authentication and Authorization Mechanizes
  • Deploy and Manage Public Key Infrastructure (PKI)
  • Understanding and Implementing IPsec and VPN
  • Introduction to Network Access Protection (NAP)
  • Understanding and Implementing Windows Firewall
  • Implementing Bit Locker Full Drive Encryption and EFS
  • Secure the Messaging Environment
  • Using Forefront TMG/UAG to securely publish your Internal Resources
  • Secure Mobile Smartphones
  • Introduction to Data Leakage Protection using AD-RMS

קהל יעד

This course is intended for IT Professionals and Security personal experienced on the technologies included in Windows Server 2003 or Server 2008.

תנאי קדם

Before attending this course, students must have:

  • Experience planning, implementing, managing, maintaining, and securing Microsoft 2003, including Active Directory and Network Infrastructure.
  • Working knowledge of networking, for example, TCP/IP
  • Experience installing, configuring, and administering Microsoft Windows 2003, Windows XP Professional, or Microsoft Windows 7
  • MCSA on Windows Server 2003 or MCSE on Windows Server 2003 recommended


Module 1: Understand the Defense in Depth concept

  • Introduction to Defense in Depth concept
  • Identify Security Risks
  • Basic understanding of a secure network topology
  • Defense in layers
  • Using Wire-Shark
  • Using Port Scanners
  • Microsoft Baseline Security Analyzer – MBSA
  • Microsoft Security Assessment Tool
  • Handling Regulation and Compliance requirements
  • Microsoft Security Compliance Manager
  • Auditing and Security Logs
  • The importance of Backups


Module 2: Server Hardening

  • Secure out of the Box
  • Server Hardening Basics
  • Using Local Policies
  • Using Security Templates
  • The Security Configuration Wizard
  • Using Windows Update Service
  • Implementing Windows Firewall
  • Windows Security Center
  • Server Auditing


Module 3: Secure your infrastructure using Group Policy

  • Microsoft Group Policy Basics
  • How GPO works
  • GPO Security Settings
  • Implementing GPO


Module 4: Authentication and Authorization Mechanizes

  • Understanding Authentication and Authorization
  • Microsoft Authentication Methods
  • Password Management
  • NTLM
  • Kerberos
  • Basic of Smart Cards
  • RADIUS Authentication
  • Leverage OTP – One Time Password
  • Microsoft Authorization
  • Understanding Permissions and DACL
  • Auditing


Module 5: Microsoft Server 2008 R2 Public Key Infrastructure (PKI)

  • Introduction to Cryptography
  • Security Algorithms
  • The Use of PKI
  • Windows Certificate Authority
  • Managing Certificates
  • Enrollment Methods
  • Certificate Extensions
  • PKI Enabled Applications
  • Implementing Smart cards
  • Working with Credential Roaming


Module 6: Understanding and Implementing IPsec and VPN

  • How IPsec Works
  • Why to Use IPsec
  • Tunneling Protocols
  • SSL Based VPN
  • Implementing IPsec
  • Implementing SSTP


Module 7: Introduction to Network Access Protection (NAP)

  • Maintaining network integrity with NAP
  • Integrating health-based decisions with enterprise security
  • Access Policies
  • Controlling access from inside and outside machines
  • Verifying client health compliance
  • Enforcing network access restrictions
  • Configuring NAP server components


Module 8: Bit Locker Full Drive Encryption and EFS

  • Specifying information security requirements
  • Analyzing data protection technologies
  • Encryption and Data Loss protection
  • Implementing EFS in the enterprise
  • Assuring data access with Recovery Agents
  • Planning enterprise BitLocker deployments
  • Implementation of BitLocker & BitLocker To Go


Module 9: Messaging System Security

  • Understanding the Messaging environment
  • The Security Risks in the Messaging environment
  • Implementing Anti-Virus solution for Exchange 
  • Implementing Anti-SPAM solution for Exchange 
  • Using Cloud based Services
  • Exchange Compliance Capabilities
  • Publishing the Exchange Services using TMG or UAG
  • Secure your Mobile Smartphones Infrastructure


Module 10: Introduction to DLP & AD-RMS

  • Understanding Data Leakage
  • How to Protect from Data Leakage
  • How AD-RMS Works
  • Implementing AD-RMS