Securing Windows Server 2016, Part 3 of 5: Auditing and Infrastructure

This course covers auditing and threat analytics. It will talk about auditing events and using group policy, dynamic auditing, virtualization infrastructure, guarded fabric and shielded virtual machines. it will then cover deploying security baselines, Host guardian service, Nano server and server roles. This course contains the following lessons:

Lesson 1:

• Overview of Auditing
• The Purpose of Auditing
• Types of Events
• Auditing Goals
• Auditing File and Object Access
• Demo: Define Audit Policies
• Demo: Event Log Settings.

Lesson 2:

• Advanced Auditing
• Advanced Auditing Subcategories
• Dynamic Auditing
• Event Log Subscriptions
• Audit Collection Services
• Demo: Event Forwarding
• Demo: Events
• Auditing with Windows PowerShell
• Demo: Auditing with PowerShell
• Demo: Event Logs in PowerShell
• Transaction Logging
• Module Logging
• Script Block Logging
• Demo: Get Logging Modules
• Demo: Logging.

Lesson 3:

• Overview of ATA
• Usage Scenarios
• Deployment Requirements
• ATA Gateways
• Port Mirroring
• Configuring ATA Center.

Lesson 4:

• Introduction to Operations Management Suite
• Deployment Overview
• OMS Solutions
• Installing OMS
• OMS Solutions Continued.

Lesson 5:

• Introduction to Guarded Fabric
• Host Guardian Service
• Preparing HGS Nodes
• Installing and Configuring HGS
• Attestation and Encryption
• Attestation Methods
• Initializing HGS
• Configuring HSG Clients.

Lesson 6:

• Security Compliance Manager
• SCM Requirements
• Demo: Install SCM
• Demo: Import GPOs
• Demo: Configuring a Baseline
• Demo: Deploy a Baseline.

Lesson 7:

• Planning for Nano Server
• Understanding Nano Server Roles
• Installing Nano Server Roles
• Nano Server Installation
• Installation Steps.