Breach detection and using the Sysinternals tools

• Overview of breach detection
• Using the Sysinternals tools to detect breaches

Protecting credentials and privileged access

• Understanding user rights
• Computer and service accounts
• Protecting credentials
• Understanding privileged-access workstations and jump servers
• Deploying a local administrator-password solution

Limiting administrator rights with Just Enough Administration

• Understanding JEA
• Configuring and deploying JEA

Privileged Access Management and administrative forests

• Understanding ESAE forests
• Overview of MIM
• Implementing JIT and Privileged Access Management by using MIM

Mitigating malware and threats

• Configuring and managing Windows Defender
• Using software restricting policies (SRPs) and AppLocker
• Configuring and using Device Guard
• Using and deploying the Enhanced Mitigation Experience Toolkit

Analysing activity by using advanced auditing and log analytics

• Overview of auditing
• Understanding advanced auditing
• Configuring Windows PowerShell auditing and logging

Analysing activity with Microsoft Advanced Threat Analytics feature and Operations Management Suite

• Overview of Advanced Threat Analytics
• Understanding OMS

Securing your virtualization an infrastructure

• Overview of Guarded Fabric VMs
• Understanding shielded and encryption-supported VMs

Securing application development and server-workload infrastructure

• Using Security Compliance Manager
• Introduction to Nano Server
• Understanding containers

Protecting data with encryption

• Planning and implementing encryption
• Planning and implementing BitLocker

Limiting access to file and folders

• Introduction to FSRM
• Implementing classification management and file-management tasks
• Understanding Dynamic Access Control (DAC)

Using firewalls to control network traffic flow

• Understanding Windows Firewall
• Software-defined distributed firewalls

Securing network traffic

• Network-related security threats and connection-security rules
• Configuring advanced DNS settings
• Examining network traffic with Microsoft Message Analyzer
• Securing SMB traffic, and analysing SMB traffic

Updating Windows Server

• Overview of WSUS
• Deploying updates by using WSUS