Note:
This class is currently full. If you would like to be added to a wait list, please contact Gail Patterson at 360-816-1450 or gail@nwppa.org.
Who Should Attend:
Network, server, desktop, and security administrators and management-level individuals interested in this topic.
Course Overview:
This class delivers proven, field-tested solutions for mitigating, monitoring, and protecting Microsoft Windows-based networks.
During the course, students will learn effective countermeasures to defend against common attacks and exploit techniques in a hands-on virtual environment that resembles a real-world network. Upon completion of the course, students will be able to apply operating system and active directory hardening techniques, mitigate legacy software risks, and design tolerant networks that are resistant to present and future threats.
During this class, students will harden a network consisting of:
- Microsoft Exchange
- Outlook Web Access
- Proxy Server
- Microsoft IIS
- Microsoft Windows 7/10
- MS Windows Server 2008/2012
- Microsoft Windows SQL Server
- Microsoft Software Update Services
- Firewall
The instructor will cover the following topics:
- Common exploitation techniques
- Active directory group policies
- Authentication mechanisms
- Windows auditing
- Log monitoring and alerting
- Oracle Java deployment ruleset
- Windows AppLocker/software restriction
- Syslog event logging
- Host firewall configuration
- Network traffic analysis
- Proxy server
- File system security
- Microsoft LAPS
- Microsoft EMET
- SNORT intrusion detection
As part of the final lab, students will:
- Deploy host and network intrusion detection in a virtual Windows network (Snort, syslog, Windows events)
- Run automated attacks and identify the source, destination, and type of attack
- Harden a virtual Windows network
- Run automated attacks to test Windows hardening
The International Information Systems Security Certification Consortium, Inc. accepts Digital Boundary Group’s Security Training Program as credit toward meeting the Continuing Professional Education requirements to maintain the Certified Information Systems Security Professional designation. (CISSP constituents will earn 32 CPE credits.)
Course Instructor:
Tom Bigos, CISSP, Digital Boundary Group
Course Schedule:
Registration will begin at 8 a.m., and the class will run from 8:30 a.m. to 4:30 p.m. each day. Lunch and refreshment breaks will be provided every day.
Course Location:
Northwest Public Power Association
9817 NE 54th Street, Suite 200
Vancouver, WA 98662
(360) 254-0109
Suggested Hotels:
Best Western (.5 miles from training location)
9420 NE Vancouver Mall Drive
Vancouver, WA 98662
(800) 528-1234
No
rooms have been blocked for this meeting. Please call the hotel or go online to
get the best available rate for sleeping rooms.
Heathman
Lodge (1.2 miles from training location)
7801 NE Greenwood Drive
Vancouver, WA 98662
(360) 254-3100
Corporate rate: $169
Please call the hotel and mention NWPPA to receive our corporate rate.
Course Fees:
Utility Member Early Bird (ends 8/25/2018): $2,270
Utility Member Standard: $2,345
Associate Member Early Bird (ends 8/25/2018): $3,405
Associate Member Standard: $3,480
Non-member Early Bird (ends 8/25/2018): $6,810
Non-member Standard: $6,885
Cancellation Policy:
Cancellations are accepted, with full refund, if request is made at least 30 days prior to the course. Within 30 days, fees are as follows: 15-29 days, $100; 1-14 days or "no show," 100 percent of registration fee. When possible, please send a substitute instead of canceling. NWPPA does not charge a fee for substitutions.
Continuing Hours:
This course qualifies for 24 continuing hours. Certificates are issued upon full completion of the course.