Securing Windows Server 2019

Paths

Securing Windows Server 2019

Authors: Daniel Lachance, Rishalin Pillay, Larry Glusman , Robert McMillen, Greg Dickinson

The courses in this path take you through the security tools and techniques you’ll need to successfully secure Windows Server 2019. These days, security is of the utmost... Read more

What you will learn

  • Configure Windows Server 2019 EFS and BitLocker Encryption
  • Protect Windows Server 2019
  • Implement Local Administrator Password Solution
  • Implement a Guarded Fabric solution
  • Implement Shielded and encryption-supported VMs
  • Configure windows Firewall
  • Implement Just-In-Time (JIT) Administration
  • Implement Just-Enough-Administration (JEA)
  • Implement Privileged Access Workstations (PAWs) and User Rights Assignments

Pre-requisites

You should be familiar with Windows Server administration and installation

Securing Windows Server 2019

The courses in this path take you through the security tools and techniques you’ll need to successfully secure Windows Server 2019. These days, security is of the utmost importance. You’ll go through EFS and BitLocker encryption before getting into all of the different ways to secure Windows Server 2019. By the end of this path, you’ll have a secure Windows Server implementation that will be the envy of your colleagues.

Configuring Windows Server 2019 EFS and BitLocker Encryption

by Daniel Lachance

Sep 3, 2020 / 2h 20m

2h 20m

Start Course
Description

Securing data at rest is more important now than it ever has been, and achieving this with Windows Server 2019 is possible using encrypting file system (EFS) and BitLocker. In this course, Configuring Windows Server 2019 EFS and BitLocker Encryption, you’ll learn to secure Windows Server 2019 hosts during the boot process as well as securing data stored on server disk volumes. First, you’ll explore how to secure files and folder using EFS encryption. Then, you’ll discover how use TPM with Windows Server 2019 secure boot, BitLocker, and Hyper-V. Next, you'll uncover how to install, configure and manage BitLocker disk volume encryption for fixed, removable and network storage situations. Finally, you'll determine how to centrally deploy BitLocker settings using Group Policy as well as manage BitLocker certificates and password recovery. When you’re finished with this course, you’ll have the skills and knowledge of EFS and BitLocker needed to secure the boot process and data at rest on Windows Server 2019 hosts.

Table of contents
  1. Course Overview
  2. Implementing and Managing Encrypting File System
  3. Implementing TPM and Secure Boot with BitLocker
  4. Protecting Data at Rest Using BitLocker

Securing Windows Server 2019

by Rishalin Pillay

Jan 11, 2021 / 2h 58m

2h 58m

Start Course
Description

Windows Server 2019 has been built with a vast array of security features. Understanding them, and how to configure them correctly is crucial to any server environment. In this course, Securing Windows Server 2019, you’ll learn to fully secure Windows Server 2019. First, you’ll explore how to leverage the built in security capabilities of Windows Server 2019. Next, you’ll discover how to protect credentials and how to protect against malware. Finally, you’ll learn how to deploy secure baselines to ensure compliance with Microsoft and CIS best practices. When you’re finished with this course, you’ll have the skills and knowledge of Securing Windows Server 2019 needed to fully configure and deploy security capabilities within Windows Server 2019.

Table of contents
  1. Course Overview
  2. Getting Started with Windows Server 2019 Security
  3. Securing Credentials
  4. Protecting against Malware
  5. Hardening Using Baselines
  6. Wrap Up

Securing Windows Server 2019 Hyper-V Virtual Machines

by Larry Glusman

Feb 2, 2021 / 2h 31m

2h 31m

Start Course
Description

Keeping your data secure is becoming more and more important in today’s connected world. In this course, Securing Windows Server 2019 Hyper-V Virtual Machines, you’ll learn to protect your virtual machines from rogue admins or anyone else that might try to move your VMs to another location. First, you’ll explore the Host Guardian Service, to guard your fabric. Next, you’ll discover shielded virtual machines, to ensure your VMs are encrypted. Finally, you’ll learn how to mix the two, so that your VMs will run only on your guarded fabric, even if the entire VM file is stolen, along with all its passwords. When you’re finished with this course, you’ll have the skills and knowledge of an experienced Windows admin needed to protect your virtual machines from rogue admins on Windows Server 2019 with Hyper-V.

Table of contents
  1. Course Overview
  2. Understanding a Guarded Fabric
  3. Installing the Host Guardian Service
  4. Implementing a Guarded Fabric
  5. Understanding the Difference between Encrypted and Shielded VMs
  6. Implementing Shielded VMs
  7. Deploying Shielded VMs
  8. Migrating Shielded VMs

Configuring Windows Firewall for Windows Server 2019

by Daniel Lachance

Feb 7, 2020 / 1h 38m

1h 38m

Start Course
Description

Protecting Windows Server 2019 hosts from unauthorized network traffic can be achieved with correctly configured firewall rules. Both traffic coming into and out of hosts can be controlled using Windows Defender firewall. More than just basic IP address and port filtering, rules can be based on apps and services and have conditions such as user or host attempting to make a connection. In this course, Configuring Windows Firewall for Windows Server 2019, you'll explore how to create inbound and outbound firewall rules using the GUI including through Group Policy, and how rules relate to network location profiles. Next, you'll discover how to encrypt and authenticate network traffic using IPsec connection security rules. Finally, you will experience managing Windows Defender Firewall using PowerShell cmdlets. When you're done with this course, you'll have acquired the skills needed to plan and implement Windows Defender Firewall rules and IPsec.

Table of contents
  1. Course Overview
  2. Creating and Managing Windows Firewall Rules
  3. Securing Network Traffic with IPsec
  4. Managing Windows Firewall with PowerShell

Implement JIT and JEA Administration in Windows Server 2019

by Robert McMillen

Jan 22, 2021 / 2h 31m

2h 31m

Start Course
Description

The modern Windows network has issues with locking down security. In this course, Implement JIT and JEA Administration in Windows Server 2019, you’ll learn how to create an environment to protect administrative access to only authorized users and only when they need it and will learn about two different ways to accomplish this secure goal. First, you’ll learn about Just Enough Administration. This includes creating configuration and capability files to configure the JEA environment. Next, you’ll explore Just In Time administration. This type of security involves separating administrative access using bastion forests and domains. Finally, you’ll configure a bastion forest and create the necessary links and trusts to work between this forest and your production forest. You’ll learn this by utilizing shadow principles using Microsoft Identity Manager. By the end of this course, you'll be able to secure your on-premise or cloud environment more completely with JEA and JIT.

Table of contents
  1. Course Overview
  2. Preparing Endpoints for Just Enough Administration
  3. Deploying Just Enough Administration for Secure Management
  4. Configuring the Bastion Forest Using Microsoft Identity Manager (MIM) Specifications
  5. Installing and Configuring Microsoft Identity Manager Portal and Policies
  6. Utilizing Microsoft Identity Manager Using the Web Portal and PowerShell

Implementing Privileged Access Workstations (PAWs) and User Rights Assignments in Windows Server 2019

by Greg Dickinson

Oct 2, 2020 / 2h 6m

2h 6m

Start Course
Description

Are you ready to take a Windows Active Directory infrastructure and harden for secure administration of the environment? In this course, Implementing Privileged Access Workstations (PAWs) and User Rights Assignments in Windows Server 2019, you’ll learn to secure the administration functions of Microsoft Active Directory. First, you’ll explore the concepts behind Privileged Access Workstations. Next, you’ll discover how to design and implement an Enhanced Security Administrative Environment. Finally, you’ll learn how to configure security policies in Group Policy. When you’re finished with this course, you’ll have the skills and knowledge of Privileged Access Workstations and secure administration needed to manage workstations and servers in a Microsoft Windows environment.

Table of contents
  1. Course Overview
  2. Implementing Privileged Access Workstations
  3. Configuring Group Policy
  4. Implementing an Enhanced Security Administrative Environment
  5. Securing Remote Access