What You Will Learn
1. Windows Network Configurations
- past, present, and future Windows versions
- workgroup defined
- domain defined
- the Windows security model
- security issues with Windows network configurations
- Windows network configuration security safeguards
2. Active Directory
- overview of Active Directory
- Active Directory terms and definitions
-- domain controllers and RODCs
-- domain, tree, forest, root
-- organizational units
-- AD Sites
-- FSMOs, global catalogs, schema
-- domain and forest functional levels
- Active Directory supporting services
-- DNS, LDAP, Kerberos
-- certificate services, terminal services
- Active Directory security issues
- Active Directory safeguards
3. LDAP and Active Directory
- overview of LDAP
- LDAP components and details
- LDAP command line tools
- LDAP testing and security tools
- security issues with LDAP
- LDAP safeguards
4. DNS and Active Directory
- overview of DNS
- DNS components and details
- DNS tools and commands
- security issues with DNS
- DNS safeguards
5. User and Group Accounts
- default domain accounts
- creating new domain accounts
- SID and token defined
- user and group account properties
- user rights
- security issues with user and group accounts
- user and group account safeguards
6. Windows Authentication
- logging on, user profiles, and cached credentials
- user account passwords
-- Windows Server 2000/2003 account passwords
-- Windows Server 2008 fine-grained passwords
-- measures to protect passwords
- authentication protocols
- anonymous connections and controls
- security issues with Windows authentication
- Windows authentication safeguards
7. Windows Domain Trusts
- AD internal trusts
- external trusts
- tools to control trusts
- security issues with trusts
- trust safeguards
8. Administrator and Alternate Credential Authentication
- using RunAs
- should administrators have dual accounts?
- using and controlling User Account Control (UAC)
9. Securing Network Resources
- network resource defined
- NTFS permissions and the ACL
- shared folders
- shared permissions
- access-based enumeration
- encrypting file system
- using Group Policy to set permissions
10. Centralized Administration using Group Policy
- Group Policy overview
- Group Policy processing
- Group Policy inheritance
- Group Policy delegation
- Group Policy backup and recovery
- default Group Policy objects and settings
- Group Policy documentation and auditing
- GP commands and using PowerShell
- controlling security using Group Policy
- security templates
- security configuration and analysis
- Security Configuration Wizard
- advanced Group Policy management
11. Windows Security Auditing and Logging
- accessing and configuring auditing
- centralized logging with subscriptions
- controlling the security logs with Event Viewer and AuditPol
- configuring security log triggers
- controlling and configuring security log access
- security baselines and guidelines
12. Active Directory Administration and Delegation
- overview of AD administration and delegation
- designing for AD delegation
- creating AD task pads
- AD administration and delegation security issues
- AD administration and delegation safeguards
13. Tools for Deploying and Gathering Security Controls
- hot fixes and service packs
- using WSUS to protect Windows computers
- using MBSA to audit Windows computers
- DUMPSEC and Hyena
14. Performing a Windows Audit
- what should be gathered
- which servers should be audited
- which security controls should be included
- how to efficiently gather security information
- developing an audit program
- hands-on lab analyzing a Windows Active Directory network