SANS SECURITY 505
English | ISO | 876MB
Genre: eLearning

The SANS SEC505: Securing Windows is a comprehensive set of courses for Windows security architects and administrators. It also tackles tough problems like Active Directory forest design, how to use Group Policy to lock down desktops, deploying a Microsoft PKI and smart cards, pushing firewall and IPSec policies out to every computer in the domain, securing public IIS Web servers, and PowerShell scripting.

PowerShell is the future of Windows scripting and automation. Easier to learn and more powerful than VBScript, PowerShell is an essential tool for automation and scalable management. And if there's one skill that will most benefit the career of a Windows specialist, it's scripting, because most of your competition lacks scripting skills, so it's a great way to make your resume stand out. Scripting skills are also essential for being able to implement the 20 Critical Security Controls.

SEC505 will also prepare you for the GIAC Certified Windows Security Administrator (GCWN) certification exam to help prove your security skills. In fact, all the questions on the exam come from the manuals used in the course.

You are encouraged to bring a virtual machine running Windows Server 2008 Enterprise Edition configured as a domain controller, but this is not a requirement for attendance since the instructor will demo everything discussed on screen. You can get a free evaluation version of Server 2008 - R2 from Microsoft's Web site (just do a Google search on "site:microsoft.com Server 2008 trial"). You can use VMware, VirtualBox, or any other virtual machine software you wish.

This is a fun course and a real eye-opener even for Windows administrators with years of experience. Come see why there's a lot more to Windows security than just applying patches and changing passwords. Come see why a Windows network needs a security architect.

Download the scripts and other files for this course here.
Securing Active Directory and DNS Day:

    Read - Only Domain Controllers (RODC)
    Securing Domain Controllers
    SYSKEY.EXE
    Disaster Planning and Recovery
    Encrypting Replication Traffic
    Property - Level Permissions (DACLs)
    Audit Settings (SACLs)
    Delegation of Authority
    Organizational Unit Design
    Custom MMC Consoles
    The "Empty Root" Domain Model
    Best Practices for Forest Design
    DNS SRV Records
    Unix BIND Integration
    Secure Dynamic Updates
    Best Practices for Securing DNS

Group Policy Day:

    The Group Policy Management Console (GPMC)
    Security Templates
    Security Configuration and Analysis MMC Snap-In
    SECEDIT.EXE
    Group Policy Objects (GPOs)
    GPO Links to Domains, OUs and Sites
    Order of Precedence Processing: LSDOU
    WMI Filtering
    Custom ADM/ADMX Templates
    MSI Deployment through Group Policy
    Pushing Out Scripts
    Software Restriction Policies
    Managing Internet Explorer Settings
    Replacing the Desktop Interface
    Micro - Managing Users' Applications

PKI, EFS and BitLocker Day:

    Why Must I Have A PKI?
    Examples: Smart Cards, VPNs, Wireless, SSL, S/MIME, etc.
    How To Install The Windows PKI
    Root vs. Subordinate Certification Authorities
    Should You Be Your Own Root CA?
    Controlling Certificate Enrollment
    How To Manage Your PKI
    Group Policy Deployment of Certificates
    How To Revoke Certificates
    Automatic Private Key Backup
    Delegation of Authority
    Deploying Smart Cards
    Smart Card Enrollment Station
    Best Practices for Private Keys
    Encrypting File System
    EFS Insecurity Myths
    BitLocker Drive Encryption
    TPM and USB BitLocker Options
    BitLocker Emergency Recovery
    MANAGE - BDE.WSF
    Best Practices for EFS and BitLocker

IPSec, Windows Firewall, NPS, VPNs and Wireless Day:

    Secure Socket Tunneling Protocol (SSTP)
    Isn't IPSec Just For VPNs? No!
    IPSec Domain Isolation
    How to Create IPSec Policies
    Group Policy Management of IPSec
    NETSH.EXE
    Windows Firewall with Advanced Security
    Configuring RADIUS Policies (NPS)
    EAP vs. PEAP
    PEAP - MS
    CHAPv2
    Smart Cards for VPN
    IPSec + L2TP =RRAS VPNs
    L2TP vs. PPTPv2
    Host-to-Router VPN Configuration Steps
    Router-to-Router VPN Configuration Steps
    VPN Best Practices
    Securing Wireless Networks
    Wi-Fi Protected Access (WPA)
    Smart Cards for Wireless
    Best Practices for Wireless

Securing IIS Day:

    FTP Over SSL (FTPS)
    IIS Server Hardening
    Security Template for IIS
    Patch Management
    Removing Dangerous Services
    Securing WebDAV
    Managing Bindings
    Hardening TCP/IP
    IPSec for IIS Servers
    Authentication Options
    Kerberos and NTLM for Web Applications
    Smart Cards for Web Applications
    Minimal HTTP Permissions
    Minimal NTFS Permissions
    Proper NTFS Auditing
    Running Scripts and Binaries on IIS
    Web-Based Applications
    Worker Process Isolation
    HTTP.SYS Filtering
    Securing XML Config Files
    Securing Logs Hands-Free
    Finding Hacking Signatures In Logs

PowerShell Scripting Day:

    What is PowerShell?
    CmdLets
    Running Scripts
    Namespace Providers
    Piping .NET Objects
    Parameter Binding
    Regular Expressions
    Functions and Filters
    The .NET Class Library
    Using Properties and Methods at the Command Line
    Security and Execution Policy
    Managing the Event Logs
    Accessing COM Objects: WMI, ADSI, ADO, etc.

More info:
_http://www.sans.org/ondemand/description.php?t