Hardening the Modern Windows Client: Let's NOT break it this time
1 Hardening the Modern Windows Client: Let's NOT break it this time
Raymond P.L. Comvalius
2 Raymond Comvalius
- IT Infra Architect/Trainer
- MVP Windows IT Pro
- Independent since 1998
3 Agenda
- History of Hardening Windows
- Modern desktops with modern challenges
- Old fashioned hardening
- Modern hardening
- Conclusions
4 History of Hardening Windows
5 How it all started
- Windows NT C2 Classification
- Security Guidance by NSA and others
- Trustworthy Computing
- Microsoft Security Guidance
- High Security became SSLF (Specialized Security Low Functionality)
6 INTELLIGENCE
7 ATTACK VECTORS
- Attack the applications and infrastructure
- Attack the Human
8 Hardening Mishaps of the past
- Replace all ACLs
- Removing Control Panel items
- Disable right-click anywhere
- Disable Command Prompt
- Disable RegEdit
- Disable InPrivate Mode
- "Tightening" a security setting doesn't always lead to better security
9 Some old rules still apply
- The most secure environments follow the least privilege principle
10 UAC was NOT the answer
- Elevating standard user to admin requires an exploitable bug
- User Account Control will NOT save you from elevation
- User Account Control is NOT a security boundary
11 UAC
- Enable UAC for built-in Administrator
- Enable UAC for local accounts on network logon
- Don't even think of disabling UAC
12 Old measures that still apply
- Disk Encryption (BitLocker)
- Account Lockout
- Disable LM (default)
13 New measures but not modern
- Disable NetBIOS over TCP/IP
- Disable linking Microsoft Accounts
- Disable new DMA devices when this computer is locked (fixed in 1803)
- Disable SMBv1
14 SMB v1
- Client and Server parts not in Windows 10 Enterprise/Education since version 1709
- Server not in default install of Windows 10 Home/Professional since version 1709
- Client uninstalls on Windows 10 Home/Professional when not used for 15 days after upgrade or clean install
15 Discussion Items
- Storing Network Credentials
- AutoPlay
- Sleep/Hibernate
- Remote Desktop
- Remote Assistance
- Telemetry
16 Modern Hardening
17 Windows is Secure by Default
So Don't:
- Change default ACLs
- Change User Rights Assignments
- Replace system components
- Turn off security features
18 WINDOWS 7 SECURITY FEATURES
- Device protection
- Threat resistance
- Identity protection
- Information protection
- Breach detection, investigation & response
- PRE-BREACH / POST-BREACH
19 WINDOWS 10 SECURITY FEATURES
- Device protection
- Threat resistance
- Identity protection
- Information protection
- Breach detection, investigation & response
- PRE-BREACH / POST-BREACH
20 Windows Hello
- The power of PIN
21 Windows Hello for Business
22 Windows N-Factor
- First Factor: Windows Hello Biometric or PIN or Companion Devices
- Second Factor: Windows Hello Biometric or PIN or Companion Devices
- Private keys secured in TPM
23 End to End Protection
PRE-BREACH / POST-BREACH; OFF MACHINE / ON MACHINE / OFF MACHINE
- O365 ( ): Reducing attack vector; Advanced sandbox detonation; Exploit mitigation
- Edge (Browser): Browser hardening; Reduce script based attack surface; App container hardening; Reputation based blocking for downloads
- Windows Defender Exploit Guard (HIPS):
  - Attack Surface Reduction: Set of rules to customize the attack surface
  - Controlled Folder Access: Protecting data against access by untrusted process
  - Exploit Protection: Mitigations against exploits
  - Network Protection: Blocking outbound calls to low rep sources
- Locked down device (Hardened platform): Windows 10S
- Device Guard
- App Guard (Virtualized base security): App isolation
- Application Control (Whitelist Executables): Only allowed apps can run
- Windows Defender Antivirus (AV): Improved ML and heuristic protection; Instantly protected with the cloud; Enhanced Exploit Kit Detections
- AntiMalware Scan Interface (Script based detection): Improved detection script based attacks; AMSI for VBS/JS script runtime
- Windows Defender Antivirus behavioral engine (Behavior Analysis): Enhanced behavioral and machine learning detection library; Process tree visualizations; Artifact searching capabilities; Memory scanning capabilities
- Windows Defender ATP (Advanced Threat Protection): Enhanced behavioral and machine learning detection library; Process tree visualizations; Artifact searching capabilities; Machine Isolation and quarantine
- One Drive (Cloud Storage): Reliable versioned file storage in the cloud; Point in time file recovery
24 Virtualization Based Security
[Diagram: Apps, Windows Platform Services and Kernel in the Windows Operating System; Device Guard, Credential Guard, Trustlet #3 and Kernel in the System Container; both on the Hyper-V Hypervisor and Device Hardware]
25 Device Guard vs AppLocker
Functionally they look alike a little bit
Device Guard:
- User Mode & Kernel Mode
- System-wide
- Admin cannot circumvent
- Admin cannot always disable
- Requires specific hardware
AppLocker:
- User Mode
- User/Group addressable
- Admin can circumvent
- Admin can always disable
- Runs on all Windows hardware
26 End to End Protection (same overview slide as 23)
27 Windows Defender AV
Enhanced or new functionalities:
- Limited Periodic scanning
- Enhanced Notifications
- Improved Adware Protection
- Client side ML
- Collect at First Sight, Block at Second Sight
- Cloud ML
- Improved Block at First Sight
- Enhanced client sample collection
- Improved client whitelisting
28 PowerShell
- Tool for Hacking and Management
- AMSI (Anti Malware Scan Interface)
- Enable PowerShell Script Block Logging
- Execution policy is NO security boundary
- PowerShell Constrained Language Mode
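An added example, not part of the original slides: a read-only PowerShell check of several settings the deck names on slides 11, 13, 14 and 28 (UAC, NetBIOS over TCP/IP, SMBv1, Script Block Logging, language mode). The function names are hypothetical, and the registry values used are the standard locations for these policies.

```powershell
# Added example, not from the slides: read-only check of settings the deck names.
# Changes nothing. Run elevated (Get-WindowsOptionalFeature requires it).

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist
    try { (Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }
}

function New-Check {
    param([string]$Setting, $Actual, [bool]$Pass)
    [pscustomobject]@{
        Setting = $Setting
        Actual  = if ($null -eq $Actual) { 'not set' } else { "$Actual" }
        Pass    = $Pass
    }
}

function Test-DeckBaseline {
    $uac = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $sbl = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\PowerShell\ScriptBlockLogging'
    $nbt = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces'

    $lua    = Get-RegValue $uac 'EnableLUA'
    $admin  = Get-RegValue $uac 'FilterAdministratorToken'
    $remote = Get-RegValue $uac 'LocalAccountTokenFilterPolicy'
    $sblOn  = Get-RegValue $sbl 'EnableScriptBlockLogging'

    # SMBv1 optional feature: Enabled, Disabled or DisabledWithPayloadRemoved
    $smb1 = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
    $smb1State = if ($smb1) { [string]$smb1.State } else { $null }

    # NetbiosOptions per interface: 0 = follow DHCP, 1 = enabled, 2 = disabled
    $ifaces  = @(Get-ChildItem -Path $nbt -ErrorAction SilentlyContinue)
    $nbtOpen = @($ifaces | Where-Object { (Get-RegValue $_.PSPath 'NetbiosOptions') -ne 2 })

    # Language mode of this session only; other sessions may differ
    $mode = $ExecutionContext.SessionState.LanguageMode

    # Slide 11: UAC on, also for built-in Administrator and for local
    # accounts on network logon (an absent value behaves like 0 = filtered)
    New-Check 'UAC enabled (EnableLUA = 1)' $lua ($lua -eq 1)
    New-Check 'UAC for built-in Administrator (FilterAdministratorToken = 1)' $admin ($admin -eq 1)
    New-Check 'UAC for local accounts on network logon (LocalAccountTokenFilterPolicy = 0)' `
        $remote ($null -eq $remote -or $remote -eq 0)

    # Slide 13: NetBIOS over TCP/IP and SMBv1
    New-Check 'NetBIOS over TCP/IP disabled on every interface' `
        "$($nbtOpen.Count) of $($ifaces.Count) interface(s) not disabled" `
        ($ifaces.Count -gt 0 -and $nbtOpen.Count -eq 0)
    New-Check 'SMBv1 feature not enabled' $smb1State `
        ($smb1State -in 'Disabled', 'DisabledWithPayloadRemoved')

    # Slide 28: Script Block Logging policy and Constrained Language Mode
    New-Check 'PowerShell Script Block Logging (EnableScriptBlockLogging = 1)' $sblOn ($sblOn -eq 1)
    New-Check 'PowerShell Constrained Language Mode (this session)' $mode `
        ($mode -eq 'ConstrainedLanguage')
}

Test-DeckBaseline | Format-Table -AutoSize -Wrap
```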
29 End to End Protection (same overview slide as 23)
30 Attack Surface Reduction
- Very useful to protect from script/macro attacks
- Blocks executable content from macros
- Blocks obfuscated scripts
- Runs in all Windows 10 SKUs
- Requires Windows Defender AV
- Works best with Windows Defender ATP
31 Configuring Attack Surface Reduction
Configure from:
- MDM
- Group Policy: Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled Folder Access > Configure Controlled Folder Access
- PowerShell: Set-MpPreference -AttackSurfaceReductionRules_Ids {GUID} -AttackSurfaceReductionRules_Actions [Enabled/Disabled/AuditMode]
32 Process Mitigation in Windows 10
- Force OS mitigations on existing applications
- Usually applied by the developer
- Previously done by EMET
- Utilizes the Application Compatibility Framework
33 Process Mitigations
- Windows Defender is not required!
- Windows Defender Security Center UI
- PowerShell
- Option to import EMET settings
- Export to XML for: Group Policy, Mobile Device Management, Configuration Manager
34 Controlled Folder Access
- Very useful to protect from ransomware
- Blocks suspicious programs from writing in protected folders
- Runs in all Windows 10 SKUs
- Requires Windows Defender AV
- Works best with Windows Defender ATP
35 Configuring Controlled Folder Access
Configure from:
- Windows Defender Security Center app
- Group Policy: Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled Folder Access > Configure Controlled Folder Access
- PowerShell: Set-MpPreference -EnableControlledFolderAccess Enabled
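An added example, not part of the original slides, for the configuration steps on slides 31 and 35: it stages two Attack Surface Reduction rules and Controlled Folder Access in AuditMode, then summarizes what would have been blocked before anything is enforced. The function names are hypothetical, the rule GUIDs are taken from Microsoft's published ASR rule reference, and the event data field names (`ID`, `Process Name`, `Path`) are an assumption about the Defender event layout.

```powershell
# Added example, not from the slides: audit first, enforce later.
# Run elevated on a pilot machine with Windows Defender AV active.

# ASR rules matching the behaviours named on slide 30
# (GUIDs from Microsoft's ASR rule reference)
$asrRules = [ordered]@{
    '3B576869-A4EC-4529-8536-B80A7769E899' = 'Block Office applications from creating executable content'
    '5BEB7EFE-FD9A-4556-801D-275E5FFC04CC' = 'Block execution of potentially obfuscated scripts'
}

function Enable-ExploitGuardAudit {
    $existing = @((Get-MpPreference).AttackSurfaceReductionRules_Ids)
    foreach ($id in $asrRules.Keys) {
        # Leave rules that are already configured untouched
        if ($existing -contains $id) { continue }
        # Add-MpPreference appends to the rule list instead of replacing it
        Add-MpPreference -AttackSurfaceReductionRules_Ids $id `
                         -AttackSurfaceReductionRules_Actions AuditMode
    }
    Set-MpPreference -EnableControlledFolderAccess AuditMode
}

function Get-ExploitGuardState {
    $p = Get-MpPreference
    $label = @{ 0 = 'Disabled'; 1 = 'Enabled'; 2 = 'AuditMode' }
    $ids     = @($p.AttackSurfaceReductionRules_Ids)
    $actions = @($p.AttackSurfaceReductionRules_Actions)
    for ($i = 0; $i -lt $ids.Count; $i++) {
        if (-not $ids[$i]) { continue }
        $a = [int]$actions[$i]
        [pscustomobject]@{
            Feature = "ASR $($ids[$i])"
            State   = if ($label.ContainsKey($a)) { $label[$a] } else { "value $a" }
        }
    }
    $cfa = [int]$p.EnableControlledFolderAccess
    [pscustomobject]@{
        Feature = 'Controlled Folder Access'
        State   = if ($label.ContainsKey($cfa)) { $label[$cfa] } else { "value $cfa" }
    }
}

function Get-ExploitGuardAuditHits {
    param([int]$Days = 14)
    $filter = @{
        LogName   = 'Microsoft-Windows-Windows Defender/Operational'
        Id        = 1122, 1124    # 1122 = ASR rule audited, 1124 = CFA audited
        StartTime = (Get-Date).AddDays(-$Days)
    }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
        # Flatten EventData into a name/value table
        $data = @{}
        foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
            if ($d.Name) { $data[$d.Name] = $d.'#text' }
        }
        [pscustomobject]@{
            Time    = $_.TimeCreated
            Feature = if ($_.Id -eq 1122) { 'ASR' } else { 'CFA' }
            RuleId  = $data['ID']             # assumed field name
            Process = $data['Process Name']   # assumed field name
            Target  = $data['Path']           # assumed field name
        }
    }
}

# 1. Stage in audit mode and confirm the resulting state
Enable-ExploitGuardAudit
Get-ExploitGuardState | Format-Table -AutoSize

# 2. After the pilot period, list which processes would have been blocked
Get-ExploitGuardAuditHits -Days 14 |
    Group-Object Feature, Process |
    Sort-Object Count -Descending |
    Select-Object Count, Name

# 3. Enforce only once the list above holds no legitimate software:
# Set-MpPreference -EnableControlledFolderAccess Enabled
```

Processes that show up in step 2 and are legitimate need an exclusion or an allowed-application entry before step 3, otherwise enforcement breaks them.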
36 Windows Defender Network Protection
- Like SmartScreen beyond IE and Edge
- Blocks applications from accessing suspicious locations over HTTP and HTTPS
- Runs on all Windows 10 SKUs
- Requires Windows Defender AV
37 End to End Protection (same overview slide as 23)
38 Edge for Secure Browsing
Microsoft Edge is the most secure browser Microsoft has ever shipped
- Objective: Keep our customers safe when browsing the web
- Strategy: Make it difficult and costly for attackers to find and exploit vulnerabilities in Microsoft Edge
- Tactics:
  - Eliminate vulnerabilities before attackers can find them
  - Break exploitation techniques used by attackers
  - Contain the damage when vulnerabilities are discovered
  - Prevent navigation to known exploit sites
39 HARDWARE ISOLATION WITH WINDOWS DEFENDER APPLICATION GUARD
[Diagram: Apps, Windows Platform Services and Kernel in the Windows Operating System; Microsoft Edge, Windows Platform Services and Kernel in the Windows Defender Application Guard Container; Critical System Processes and Kernel in the System Container; all on the Hyper-V Hypervisor and Device Hardware]
40
41
42 There is so much more
43 Links
- Windows Security Baselines
- Unintended consequences of Security Lockdowns
- Microsoft Compliance Toolkit
- Windows 10 Hardening Australia
44 16:15 - 17:15 Multi-Factor Authentication, who do you think you are? Sander Berkouwer
More informationHands-On Ethical Hacking and Network Defense 3rd Edition
Hands-On Ethical Hacking and Network Defense 3rd Edition Chapter 8 Desktop and Server OS Vulnerabilities Last updated 3-17-18 Objectives After reading this chapter and completing the exercises, you will
More informationInstalling and Configuring Windows 10
Installing and Configuring Windows 10 Course Description In this course, you will gain the knowledge and skills required to install and configure Windows 10 desktops and devices in a Windows Server domain
More informationCOPYRIGHTED MATERIAL. Contents. Assessment Test
Contents Introduction Assessment Test xxvii xxxvii Chapter 1 Installing Windows 7 1 Introducing Windows 7 2 Windows 7 Architecture 5 Preparing to Install Windows 7 6 Windows 7 Starter 7 Windows 7 Home
More informationTOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION
INFORMATION TECHNOLOGY SECURITY GUIDANCE TOP 10 IT SECURITY ACTIONS TO PROTECT INTERNET-CONNECTED NETWORKS AND INFORMATION ITSM.10.189 October 2017 INTRODUCTION The Top 10 Information Technology (IT) Security
More informationCourse Outline (version 2)
Course Outline (version 2) Page. 1 CERTIFIED SECURE COMPUTER USER This course is aimed at end users in order to educate them about the main threats to their data s security. It also equips the students
More informationWindows 10. scalable IT services & solutions. October 25, Bruce Ward, VP of Business Strategy. Dan Sharp, Senior Consultant
Windows 10 October 25, 2018 Helping you grow your business with Bruce Ward, VP of Business Strategy scalable IT services & solutions Dan Sharp, Senior Consultant for today s challenges & tomorrow s vision.
More informationCopyright 2011 Trend Micro Inc.
Copyright 2011 Trend Micro Inc. 2008Q1 2008Q2 2008Q3 2008Q4 2009Q1 2009Q2 2009Q3 2009Q4 2010Q1 2010Q2 2010Q3 2010Q4 2011Q1 2011Q2 2011Q3 2011Q4 M'JPY Cloud Security revenue Q to Q Growth DeepSecurity/Hosted/CPVM/IDF
More informationCIS Controls Measures and Metrics for Version 7
Level 1.1 Utilize an Active Discovery Tool 1.2 Use a Passive Asset Discovery Tool 1.3 Use DHCP Logging to Update Asset Inventory 1.4 Maintain Detailed Asset Inventory 1.5 Maintain Asset Inventory Information
More informationMicrosoft Configuring Windows 8.1
1800 ULEARN (853 276) www.ddls.com.au Length 5 days Microsoft 20687 - Configuring Windows 8.1 Price $4290.00 (inc GST) Version D Overview Get expert instruction and hands-on practice administering and
More informationLocking down a Hitachi ID Suite server
Locking down a Hitachi ID Suite server 2016 Hitachi ID Systems, Inc. All rights reserved. Organizations deploying Hitachi ID Identity and Access Management Suite need to understand how to secure its runtime
More informationISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002
ISO 27002 COMPLIANCE GUIDE How Rapid7 Can Help You Achieve Compliance with ISO 27002 A CONTENTS Introduction 2 Detailed Controls Mapping 3 About Rapid7 8 rapid7.com ISO 27002 Compliance Guide 1 INTRODUCTION
More informationSophos Central Admin. help
help Contents About Sophos Central...1 Activate Your License... 2 Overview...3 Dashboard... 3 Alerts...4 Logs & Reports... 15 People...31 Devices... 41 Global Settings... 57 Protect Devices... 90 Endpoint
More informationFeature Comparison Summary
Feature Comparison Summary,, and The cloud-ready operating system is the cloud-ready operating system that delivers new layers of security and Azure-inspired innovation for the applications and infrastructure
More information9 Years in Consulting. Broad experience in Microsoft Infrastructure solutions. Specialised in Windows 10 & Surface familly
About 9 Years in Consulting Broad experience in Microsoft Infrastructure solutions Specialised in Windows 10 & Surface familly We know Windows XP Windows 7 wasn t easy It often took between 3-7 years!
More informationKey Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering. Key Threats Internet was just growing Mail was on the verge
Key Threats Internet was just growing Mail was on the verge Key Threats Melissa (1999), Love Letter (2000) Mainly leveraging social engineering Key Threats Code Red and Nimda (2001), Blaster (2003), Slammer
More informationManaging Microsoft 365 Identity and Access
Course MS-500T01-A: Managing Microsoft 365 Identity and Access Page 1 of 3 Managing Microsoft 365 Identity and Access Course MS-500T01-A: 1 day; Instructor-Led Introduction Help protect against credential
More informationCourse Outline. Installing and Configuring Windows 10 Course 20698A 5 days Instructor Led
Installing and Configuring Windows 10 Course 20698A 5 days Instructor Led About this course This five-day instructor-led course provides IT professionals with the knowledge and skills required to install
More informationCERTIFIED SECURE COMPUTER USER COURSE OUTLINE
CERTIFIED SECURE COMPUTER USER COURSE OUTLINE Page 1 TABLE OF CONTENT 1 COURSE DESCRIPTION... 3 2 MODULE-1: INTRODUCTION TO DATA SECURITY... 4 3 MODULE-2: SECURING OPERATING SYSTEMS... 6 4 MODULE-3: MALWARE
More informationMicrosoft Windows Exam Objectives
Microsoft Windows Exam 70-698 s The following correlates the objectives for Microsoft Windows Exam 70-698 (Installing and Configuring Windows 10) to the chapters and sections where they are covered in
More informationPresenting the VMware NSX ECO System May Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe
Presenting the ware NSX ECO System May 2015 Geert Bussé Westcon Group Solutions Sales Specialist, Northern Europe Agenda 10:15-11:00 ware NSX, the Network Virtualization Platform 11.15-12.00 Palo Alto
More informationFull file at Chapter 2: Securing and Troubleshooting Windows Vista
Chapter 2: Securing and Troubleshooting Windows Vista TRUE/FALSE 1. An elevated command prompt can only be attained by an administrator after he or she has responded to a UAC box. T PTS: 1 REF: 70 2. There
More informationDesktop features placemat
Desktop features placemat Home Pro Enterprise Existing Differentiated Features in Win7 /Win8.1 Domain Join and Group Policy Management Existing Win7 / Win 8.1 Enterprise features Windows 10: Management
More informationAustralian Signals Directorate (ASD) Top 35 Reference Card
The Australian Signals Directorate (ASD) published its Strategies to Mitigate Targeted Cyber Intrusions based on its analysis of incidents across the Australian Government. First published in 2010, an
More information