Securing Windows Server 2016 (20744) course overview

This 5 day course teaches IT professionals how they can enhance the security of the IT infrastructure that they administer. This course begins by emphasizing the importance of assuming that network breaches have occurred already, and then teaches you how to protect administrative credentials and rights to ensure that administrators can perform only the tasks that they need to, when they need to.

This course also details how you can mitigate malware threats, identify security issues by using auditing and the Advanced Threat Analysis feature in Windows Server 2016, secure your virtualization platform, and use new deployment options, such as Nano server and containers to enhance security. The course also explains how you can help protect access to files by using encryption and dynamic access control, and how you can enhance your network’s security.

Instructor Led Learning

Duration: 5 Days
Registration Open Now!

Video Learning

Duration: 5 Days
Registration Open Now!

After completing this course, students will be able to:

  • Secure Windows Server.
  • Secure application development and a server workload infrastructure.
  • Manage security baselines.
  • Configure and manage just enough and just-in-time (JIT) administration.
  • Manage data security.
  • Configure Windows Firewall and a software-defined distributed firewall.
  • Secure network traffic.
  • Secure your virtualization infrastructure.
  • Manage malware and threats.
  • Configure advanced auditing.
  • Manage software updates.
  • Manage threats by using Advanced Threat Analytics (ATA) and Microsoft Operations Management Suite (OMS).
  • Candidates for this course have good Windows client and server operating system knowledge and basic AD DS and networking experience in an enterprise/small business (SMB) environment together with application configuration experience.In addition to their professional experience, students who attend this training should already have the following technical knowledge:
    • A good understanding of Transmission Control Protocol/Internet Protocol (TCP/IP) fundamentals and networking concepts.
    • A good working knowledge of both Windows Server 2012 R2 and Active Directory® Domain Services (AD DS). For example, domain user accounts, domain vs. local user accounts, user profiles, and group membership.
    • A good understanding of both scripts and batch files.
    • A solid understanding of security concepts, such as authentication and authorization.
    • Familiarity with deployment, packaging, and imaging tools.
    • Ability to work in a team/virtual team.
    • Ability to produce good documentation and have the appropriate communication skills to create proposals and make budget recommendations.
    • Knowledge equivalent to Windows 2012 R2 MCSA.



Course Outline

1. Planning Server Upgrade and Migration
This module explains how to plan a server upgrade and migration strategy.

  • Upgrade and Migration Considerations
  • Creating a Server Upgrade and Migration Plan
  • Planning for Virtualization

2. Planning and Implementing a Server Deployment Infrastructure
This module explains how to design an automated server installation strategy and plan and implement a server deployment infrastructure.

  • Selecting an Appropriate Server Deployment Strategy
  • Implementing an Automated Deployment Strategy

3. Planning and Deploying Servers Using Virtual Machine Manager
This module explains how to plan and deploy a Virtual Machine Manager (VMM) infrastructure for deploying servers.

  • System Center 2012 R2 Virtual Machine Manager Overview
  • Implementing VMM Library and Profiles
  • Plan and Deploy VMM Services

4. Designing and Maintaining an IP Configuration and Address Management Solution
This module explains how to design and maintain IP address management (IPAM) and a Dynamic Host Configuration Protocol (DHCP) solution.

  • Designing DHCP Servers
  • Planning DHCP Scopes
  • Designing an IPAM Provisioning Strategy
  • Managing Servers and Address Spaces by using IPAM

5. Designing and Implementing Name Resolution
This module explains how to design a name resolution solution strategy.

  • Designing a DNS Server Implementation Strategy
  • Designing the DNS Namespace
  • Designing DNS Zones
  • Designing DNS Zone Replication and Delegation
  • Optimizing DNS Servers
  • Designing DNS for High Availability and Security

6. Designing and Implementing an AD DS Forest and Domain Infrastructure
This module explains how to design and implement an organizational unit (OU) infrastructure and AD DS permissions model.

  • Designing an AD DS Forest
  • Designing AD DS Forest Trusts
  • Designing AD DS Integration with Windows Azure Active Directory
  • Designing AD DS Domains
  • Designing DNS Namespaces in AD DS Environments
  • Designing and Implementing AD DS Domain Trusts

7. Designing and Implementing an AD DS OU Infrastructure
This module explains how to design and implement an organizational unit (OU) infrastructure and AD DS permissions model.

  • Planning the AD DS Administrative Tasks Delegation
  • Designing the OU Structure
  • Designing and Implementing an AD DS Group Strategy

8. Designing and Implementing a Group Policy Object Strategy
This module explains how to design and implement a Group Policy object (GPO) strategy.

  • Gathering the Information Required for a GPO Design
  • Designing and Implementing GPOs
  • Designing GPO Processing
  • Planning Group Policy Management

9. Designing and Implementing an AD DS Physical Topology
This module explains how to design an AD DS sites topology and a domain controller placement strategy.

  • Designing and Implementing AD DS Sites
  • Designing AD DS Replication
  • Designing the Placement of Domain Controllers
  • Virtualization Considerations for Domain Controllers
  • Designing Highly Available Domain Controllers

10. Planning and Implementing Storage and File Services
This module explains how to plan and implement storage and file services.

  • Planning and Implementing iSCSI SANs
  • Planning and Implementing Storage Spaces
  • Optimizing File Services for Branch Offices

11. Designing and Implementing Network Protection
This module explains how to design and implement network protection.

  • Overview of Network Security Design
  • Designing and Implementing a Windows Firewall Strategy
  • Designing and Implementing a Network Access Protection (NAP) Infrastructure

12. Designing and Implementing Remote Access Services
This module explains how to design and implement remote access services.

  • Planning and Implementing DirectAccess
  • Planning and Implementing Virtual Private Networking
  • Planning and Implementing Web Application Proxy
  • Planning a Complex Remote Access Infrastructure

Join Over 10,000 Students that have studied with MasterGrade IT Now

Become Part of MasterGrade IT to Further Your Career.