Windows Server 2016 Security Hardening

Windows Server 2016 is not as secure "out of the box" as most organizations require. This course explains how to beef up security using encryption, updates, software restrictions, credential management, and security baselines.
Course info
Level
Intermediate
Updated
Mar 1, 2017
Duration
3h 19m
Table of contents
Description
Course info
Level
Intermediate
Updated
Mar 1, 2017
Duration
3h 19m
Description

Windows Server 2016 provides tools for administrators to armor-plate server systems to protect data, ensure stability, avoid malware and guard against credential theft. BitLocker and EFS protect data at rest with robust and manageable encryption as well as platform validation. In this course, Windows Server 2016 Security Hardening, you'll discover how to harden your security so that it's orders of magnitude more secure than the default configuration. First, you'll discover how to encrypt server volumes and folders so only legitimate users have access. Next, you'll explore how to build a Windows update architecture that keeps servers properly patched at all times. Then, you'll learn how to stop password theft with Credential Guard and Virtualization Based Security. Finally, you'll get organized about security hardening with free baselines, templates, and tools. By the end of this course, you'll know how to set up BitLocker and EFS, automate update distribution with WSUS, restrict software with digital signatures and code integrity policies, protect Kerberos tickets and password hashes, and incorporate security best practices from Microsoft after tailoring them for your own organization.

About the author
About the author

Glenn is President of Independent Software Inc., a Denver IT consultancy. He has been teaching advanced computer seminars around the world since 1988. He developed official Server 2008 courseware for Microsoft. Glenn has written 18 commercial books for McGraw-Hill, Wiley, IDG and Sybex. He is also a sought-after expert witness.

More from the author
Maintaining Windows 10
Intermediate
2h 44m
Jun 12, 2019
Configuring Windows 10 Connectivity
Intermediate
2h 35m
May 10, 2019
More courses by Glenn Weadock
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hi everyone. My name is Glenn Weadock, and welcome to my course, Windows Server 2016 Security Hardening. I'm a consultant and seminar leader at Independent Software Inc. in Colorado and an author of over a dozen books on Windows, networking, and certification. Despite the vigorous efforts of software designers and network administrators, the problem of securing our networks seems to get more challenging every year. Windows Server 2016 is more secure out of the box than its predecessors, but in this course, we'll discover how to harden that security so that its order of magnitude is more secure than the default configuration. Some of the major topics that we will cover include how to encrypt server volumes in folders so that only legitimate users have access, build a Windows Update architecture that keeps servers properly patched at all times, limit what software is allowed to run via Defender, AppLocker, and Device Guard, stop password theft with Credential Guard and virtualization-based security, and get organized about security hardening with free baselines, templates, and tools. By the end of this course, you'll know how to set up BitLocker and EFS, how to automate update distribution with WSUS, restrict software with digital signatures and code integrity policies, protect Kerberos tickets and password hashes, and incorporate security best practices from Microsoft after tailoring them for your own organization. Now before beginning the course, you should be familiar with Windows Server and Active Directory fundamentals, but no advanced knowledge is required. I hope you'll join me on this journey to learn how to put some armor plating on your servers with the Windows Server 2016 Security Hardening course at Pluralsight.