Securing Windows Client Overview
Total Page:16
File Type:pdf, Size:1020Kb
Securing Windows Client WorkshopPLUS Overview Security threats are increasingly a focal point for many enterprises. Cyber-crime, industrial espionage, and diversity of malware are expanding dramatically. There is Target Audience no single tool that can protect your assets against all threats. However, by This WorkshopPLUS is targeted protecting your client infrastructure with defenses at different layers of security, at the following IT professionals you can significantly reduce the potential exposure. who deploy, design, and Corporate client machines and devices can introduce significant security risk. This implement Windows Client WorkshopPLUS demonstrates Microsoft’s technologies, tools, and methods which environments: can be used to design, deploy, and control client-side security by significantly • IT Administrators decreasing several risks in Windows 7, 8, 8.1, and 10 environments. • Windows Infrastructure The three-day Securing Windows Client WorkshopPLUS provides students with the Engineers skills required to protect Windows clients against unintended access or intrusion. • Desktop Administrators This WorkshopPLUS covers: • Understanding the full story behind Credential Theft and Pass the Hash (PtH) • IT Security staff and attacks and know all the mitigations and countermeasures available for Administrators Windows 7 and later operating systems. • New and existing security features in Windows 10. • Securing the boot process, including BitLocker and Secure Boot. Key Features and Benefits • Virtualization-based security. • Hands-on labs and • Virtual Smart Cards and Windows Hello for Business. demos • Protecting network communications, including Windows Firewall and IPsec. • Protecting the client with cloud-based services. • Workshop structure is modularized and can be Technical Highlights customized according to After completing this WorkshopPLUS, you will be able to: customer’s needs • Implement security features and built-in tools of Windows 7, Windows 8, 8.1 and Windows 10. • Understand the current threat landscape and have an understanding of the most important mitigations. Syllabus This WorkshopPLUS suggested duration three full days. Students should Prerequisites anticipate consistent start and end times for each day. Early departure on any day is not recommended. The students must possess knowledge of the following: Module 1: Vulnerabilities, threats and PtH attack overview. This module • Security threats and provides an overview of general vulnerabilities, threats and layered security vulnerabilities protection. It covers PtH attack mitigation techniques. • Group policy Module 2: Security Features at OS Level. This module details tools that management have been available since Windows 7 but are still not very well known • Windows Firewall (Address Space Layout Randomization (ASLR), User Account Control • Network security (UAC), Mandatory Integrity Control (MIC) , AppLocker) as well as some new concepts features introduced in Windows 10. Module 3: Securing the Windows Boot Process. This module presents file Hardware Requirements and data layer security, and protections against offline attacks on client assets. The technologies reviewed in this module include BitLocker and • RAM: 16 GB Secure Boot. • Free hard disk space: 140 Module 4: Virtualization-based Security. This module covers Credential GB Guard and Device Guard. • SSD is mandatory • Processor supporting Module 6: User Authentication. During this module we will discuss IOMMU* alternatives to password-based authentication (virtual smart cards, • Secure Boot enabled Windows Hello for Business). Module 5: Protecting Client Network Communication: This module focuses on * Required to run the Module securing the network layer by providing a deep insight of built-in Windows 4 labs dealing with Firewall and IPsec capabilities. virtualization-based security. Module 7: Protecting Client with Cloud-based Services. A lot of Cloud-based and security-related services are available today. During this module, we will Operating System discover Enterprise Data Protection (EDP) as well as Windows Defender. Requirements Windows 10 version 1607 or Windows Server 2016 with Hyper-V enabled © 2017 Microsoft Corporation. All rights reserved. This data sheet is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.