MOC-40552 Microsoft Security Workshop: Managing Identity

The workshop covers the most common attacks against Active Directory and countermeasures reducing the attack surface. It also contains recommendations for recovery in the event of a complete compromise. You will explore in more details the functionality of Active Directory, focusing in particular on Kerberos-based authentication, including the Windows components that play the essential role in the authentication process. The workshop covers the underlying technology which will help you with identifying the most effective approach to protecting your Active Directory environment. In addition, the workshop provides an overview of Privileged Access Management, which sample implementation is the subject of the lab of this course. The workshop will also provide an overview of Azure Active Directory (Azure AD) and illustrates how to leverage its capabilities in order to enhance identity protection and to consolidate identity management in hybrid scenarios.

Target audience:
This course is intended for IT Professionals that require a deeper understanding of Windows Security that wish to increase their knowledge level through a predominately hands-on experience with Active Directory DS & Azure Active Directory.

This workshop is part of a larger series of Workshops offered by Microsoft on the practice of Security. While it is not required that you have completed any of the other courses in the Security Workshop series before taking this workshop, it is highly recommended that you start with the first course in the series, Microsoft Security Workshop: Enterprise Security Fundamentals.

In addition to their professional experience, students who take this training should already have the following technical knowledge:

• experience with Windows Client administration, maintenance, and troubleshooting;
• basic experience and understanding of Windows networking technologies, to include Windows Firewall network setting, DNS, DHCP, WiFi, and cloud services concepts;
• basic experience and understanding of Active Directory, including functions of a domain controller, sign on services, and an understanding of group policy;
• knowledge of and relevant experience in systems administration, using Windows Server 2012 R2 and 2016.

Learners who take this training can meet the prerequisites by obtaining equivalent knowledge and skills through practical experience as a Security Administrator, System Administrator, or a Network Administrator.

Program:

• Module 1: Managing Identity
  • In recent years, the range of features provided by identity solutions has been evolving in a dramatic pace in order to address continuously increasing levels of cyber threats. While facilitating authentication and authorization remain to be part of the core functionality of these solutions, modern identity management places additional emphasis on security and form one of the primary lines of defense against internal and external cyberattacks. In this module, you will learn about some generic principles of identity management that clearly demonstrate that focus.
• Module 2: Securing Active Directory
  • Most IT security breaches start with the compromise of a single computer. Once these entry points are compromised, the scope of the breach can expand in a rapid pace. Most commonly, exploits leverage existing vulnerabilities that have been overlooked or neglected. By identifying and eliminating the vulnerabilities that hackers leverage to propagate their exploits, organizations can minimize the impact of an initial compromise and impede lateral movement across the entire infrastructure. This approach play significant role in protecting the ultimate goal of most attacks – Active Directory domain controllers, which, once compromised, provide complete control of the organization’s Active Directory Domain Services (AD DS) forests. This module presents the most common attacks against Active Directory and countermeasures reducing the attack surface. It also contains recommendations for recovery in the event of a complete compromise.
• Module 3: Active Directory and Privileged Access Management
  • This module explores in more details the functionality of Active Directory, focusing in particular on Kerberos-based authentication, including the Windows components that play the essential role in the authentication process. Understanding the underlying technology will help you with identifying the most effective approach to protecting your Active Directory environment. In addition, the module provides an overview of Privileged Access Management, which sample implementation is the subject of the lab of this course.
• Module 4: Azure Active Directory
  • This module provides an overview of Azure Active Directory (Azure AD) and illustrates how to leverage its capabilities in order to enhance identity protection and to consolidate identity management in hybrid scenarios.

More information: https://www.microsoft.com/en-us/learning/course.aspx?cid=40552

After completing this course, students will be able to:

• explain the concept of Identity as the control plane;
• describe the principles of Secure Privileged Access (SPA);
• explain the basic characteristics of AD DS;
• describe primary methods of protecting AD DS;
• describe features of Azure AD editions;
• describe core Microsoft cloud security features;
• provide an overview of MIM;
• explain the benefits of JIT administration and PAM.

Koolitaja:
Peep Võrno on serverite ja võrkude vastu suurt huvi tundnud juba aastast 1992. Koolitajana on ta aktiivsemalt tegutsenud alates aastast 2003.
Sertifikaadid ja tunnistused: Microsoft Certified Trainer (MCT) aastast 2003

Koolitushind sisaldab:

• klassikoolitust;
• Microsofti ametlikke õppematerjale;
• koolitaja konsultatsiooni õpitud teemade kohta e-posti teel pärast koolitust;
• tunnistust.

Lisaväärtusena saad:

• vajadusel tasuta korduskoolituse kui tunned, et mõni oskus vajab täiendamist või pidid endast mittesõltuvatel põhjustel koolituse katkestama;
• sooje jooke koos küpsistega;
• lõunasööki igal koolituspäeval

Küsin koolituse kohta lisainfot