SIGN IN YOUR ACCOUNT TO HAVE ACCESS TO DIFFERENT FEATURES

FORGOT YOUR PASSWORD?

FORGOT YOUR DETAILS?

AAH, WAIT, I REMEMBER NOW!
Need Help? Email [email protected]
  • LOGIN

E-SPIN Group

CONTACT US / GET A QUOTE
  • No products in cart.
  • HOME
  • PROFILE
    • Corporate Profile
    • About us
    • Customer Overview
    • Investor Relations
    • Procurement
  • GLOBAL THEMES
    • Artificial Intelligence (AI)
    • Big Data
    • Blockchain
    • Cloud Computing
    • Cognitive Computing
    • Cyber Security
    • DevSecOps
    • Digital Transformation (DT)
    • Modern Workplace
    • Internet of Things (IoT)
    • Quantum Computing
  • SOLUTIONS
    • Application Security
    • DevSecOps
    • Digital Forensics
    • IT Operations Management (ITOM)
    • Malware Analysis and Reverse Engineering
    • Network Management System (NMS)
    • Network Operation (NetOps)
    • Network Performance Monitoring and Diagnostics (NPMD)
    • Penetration Testing
    • Secure Development
    • Security Information & Event Management (SIEM)
  • INDUSTRIES
    • Aerospace & Defense
    • Automotive
    • Banking & Financial Markets
    • Chemical & Petroleum
    • Commercial and Professional Services
    • Construction & Real Estate
    • Consumer Products
    • Education
    • Electronics
    • Energy & Utilities
    • Food & Beverage
    • Information Technology
    • Insurance
    • Healthcare
    • Goverment
    • Telecommunications
    • Transportation
    • Travel
    • Manufacturing
    • Media & Entertainment
    • Mining & Natural Resources
    • Life Sciences
    • Retail
  • PRODUCTS
    • Brand Overview
      • Acunetix
      • E-Lock
      • Hex-Rays
      • Immunity
      • Progress | Ipswitch
      • Metageek
      • Qualys
      • Parasoft
      • Tenable
      • Titania
      • Veracode
    • Rest of Brands
      • Adobe
      • BeyondTrust
      • Core Security
      • DefenseCode
      • HCL
      • ImmuniWeb
      • LiveAction
      • McAfee
      • Micro Focus
      • Microsoft
        • Microsoft Surface
      • Netsparker
      • Nutanix
      • Paessler
      • PECB
      • Portswigger
      • Red Hat
      • Riverbed
      • RSA
      • Solarwinds
      • TamoSoft
      • Trend Micro
      • TSFactory
      • Trustwave
      • VMware
      • VanDyke
      • Visiwave
    • Services Overview
    • Line Card
  • e-STORE
    • e-STORE
    • eSTORE Guide
    • SUPPORT
  • CAREERS
    • Careers
    • Culture, Values and CSR
    • How We Hire
    • Job Openings
  • BLOG / NEWS
    • Blogs and News
    • Resources Library
    • Calendar of Events
  • CONTACT
  • Home
  • Solution
  • GIAC Certified Windows Security Administrator (GCWN)
Global Information Assurance Certification (GIAC)
0
E-SPIN
Thursday, 19 July 2012 / Published in Solution

GIAC Certified Windows Security Administrator (GCWN)

GIAC Certified Windows Security Administrator (GCWN)

Type: Certification

Course: No Specific training is required for any GIAC certification. If candidates need help in mastering the objectives for this certification, there are many sources of information available. Practical experience is one option; there are also numerous books on the market covering Computer Information Security. Another option is SANS training, or any relevant courses from other training providers.

Target:  Individuals responsible for installing, configuring, and securing Microsoft Windows 2000/XP/2003 networks.GIAC Certified Windows System Administrators (GCWNs) have the knowledge, skills and abilities to secure and audit Windows systems, including services such as Group Policy, Active Directory, Internet Information Server, IPSec and Certificate Services.

Requirements: 1 proctored exam – 150 questions – 4-hour time limit – 70% (105 of 150 questions) minimum passing score

Renewal: Every 4 years

Delivery: Exams are delivered online through a standard web browser. For exams purchased with SANS training, access to the exam will be available 7-10 days following the end of the conference. Standalone challenge exams are issued within 24 hours upon receipt of payment. You will receive an email from GIAC when your exam has been issued to your portal account. You have 120 days to complete the exam from the time we send notice that it is available. The exams are proctored and should be scheduled using our

Securing Windows, Security 505

Course overview

Will you be transitioning from Windows XP to Windows 7? The Securing Windows track is fully updated for Windows Server 2008-R2 and Windows 7. Most of the content applies to Windows Server 2003 and XP too, but the focus is on 2008/Vista/7.

Concerned about the 20 Critical Security Controls of the Consensus Audit Guidelines? This course will help you implement the. not just audit them, and will walk you through most of the tools step-by-step too.

As a Windows security expert, how can you stand out from the crowd and offer management more than the usual apply-this-checklist advice? Be a security architect who understands the big picture. You can save your organization money, maintain compliance with regulations, secure your networks, and advance your career all at the same time. How? By leveraging the Windows infrastructure you’ve already paid for.

The Securing Windows track at SANS (SEC505) is a comprehensive set of courses for Windows security architects and administrators. It tackles tough problems like Active Directory forest design, how to use Group Policy to lock down desktops, deploying a Microsoft PKI and smart cards, pushing firewall and IPSec policies out to every computer in the domain, securing public IIS web servers, and PowerShell scripting.

PowerShell is the future of Windows scripting and automation. Easier to learn and more powerful than VBScript, PowerShell is an essential tool for automation and scalable management. And if there’s one skill that will most benefit the career of a Windows specialist, it’s scripting, because most of your competition lack scripting skills, so it’s a great way to make your resume stand out. Scripting skills is also essential for being able to implement the 20 Critical Security Controls.

You are encouraged to bring a virtual machine running Windows Server 2008 Enterprise Edition configured as a domain controller, but this is not a requirement for attendance since the instructor will demo everything discussed on-screen. You can get a free evaluation version of Server 2008 from Microsoft’s web site (just do a Google search on “site:microsoft.com Server 2008 trial”). You can use VMware, Virtual PC or any other virtual machine software.

This is a fun and fascinating course, a real eye-opener even for Windows administrators with years of experience. Come see why there’s a lot more to Windows security than just applying patches and changing passwords; come see why a Windows network needs a security architect.

Who Should Attend?

  • Windows network security engineers and architects.
  • Windows administrators with security duties.
  • Anyone with Windows machines who wants to implement the SANS 20 Critical Security Controls
  • Active Directory designers and administrators.
  • Those who must enforce security policies on Windows hosts.
  • Those deploying or managing a PKI or smart cards.
  • IIS administrators and webmasters with web servers at risk.
  • Administrators who use the command line or scripting to automate their duties and must learn PowerShell (the replacement for CMD scripting and VBScript).

Securing Active Directory and DNS Day:

  • Read-Only Domain Controllers (RODC)
  • Securing Domain Controllers
  • SYSKEY.EXE
  • Disaster Planning and Recovery
  • Encrypting Replication Traffic
  • Property-Level Permissions (DACLs)
  • Audit Settings (SACLs)
  • Delegation of Authority
  • Organizational Unit Design
  • Custom MMC Consoles
  • The “Empty Root” Domain Model
  • Best Practices for Forest Design
  • DNS SRV Records
  • Unix BIND Integration
  • Secure Dynamic Updates
  • Best Practices for Securing DNS

Group Policy Day:

  • The Group Policy Management Console (GPMC)
  • Security Templates
  • Security Configuration and Analysis MMC Snap-In
  • SECEDIT.EXE
  • Group Policy Objects (GPOs)
  • GPO Links to Domains, OUs and Sites
  • Order of Precedence Processing: LSDOU
  • WMI Filtering
  • Custom ADM/ADMX Templates
  • MSI Deployment through Group Policy
  • Pushing Out Scripts
  • Software Restriction Policies
  • Managing Internet Explorer Settings
  • Replacing the Desktop Interface
  • Micro-Managing Users’ Applications

PKI, EFS and BitLocker Day:

  • Why Must I Have A PKI?
  • Examples: Smart Cards, VPNs, Wireless, SSL, S/MIME, etc.
  • How To Install The Windows PKI
  • Root vs. Subordinate Certification Authorities
  • Should You Be Your Own Root CA?
  • Controlling Certificate Enrollment
  • How To Manage Your PKI
  • Group Policy Deployment of Certificates
  • How To Revoke Certificates
  • Automatic Private Key Backup
  • Delegation of Authority
  • Deploying Smart Cards
  • Smart Card Enrollment Station
  • Best Practices for Private Keys
  • Encrypting File System
  • EFS Insecurity Myths
  • BitLocker Drive Encryption
  • TPM and USB BitLocker Options
  • BitLocker Emergency Recovery
  • MANAGE-BDE.WSF
  • Best Practices for EFS and BitLocker

IPSec, Windows Firewall, NPS, VPNs and Wireless Day:

  • Secure Socket Tunneling Protocol (SSTP)
  • Isn’t IPSec Just For VPNs? No!
  • IPSec Domain Isolation
  • How to Create IPSec Policies
  • Group Policy Management of IPSec
  • NETSH.EXE
  • Windows Firewall with Advanced Security
  • Configuring RADIUS Policies (NPS)
  • EAP vs. PEAP
  • PEAP-MS-CHAPv2
  • Smart Cards for VPN
  • IPSec + L2TP = RRAS VPNs
  • L2TP vs. PPTPv2
  • Host-to-Router VPN Configuration Steps
  • Router-to-Router VPN Configuration Steps
  • VPN Best Practices
  • Securing Wireless Networks
  • Wi-Fi Protected Access (WPA)
  • Smart Cards for Wireless
  • Best Practices for Wireless

Securing IIS Day:

  • FTP Over SSL (FTPS)
  • IIS Server Hardening
  • Security Template for IIS
  • Patch Management
  • Removing Dangerous Services
  • Securing WebDAV
  • Managing Bindings
  • Hardening TCP/IP
  • IPSec for IIS Servers
  • Authentication Options
  • Kerberos and NTLM for Web Applications
  • Smart Cards for Web Applications
  • Minimal HTTP Permissions
  • Minimal NTFS Permissions
  • Proper NTFS Auditing
  • Running Scripts and Binaries on IIS
  • Web-Based Applications
  • Worker Process Isolation
  • HTTP.SYS Filtering
  • Securing XML Config Files
  • Securing Logs Hands-Free
  • Finding Hacking Signatures In Logs

PowerShell Scripting Day:

  • What is PowerShell?
  • CmdLets
  • Running Scripts
  • Namespace Providers
  • Piping .NET Objects
  • Parameter Binding
  • Regular Expressions
  • Functions and Filters
  • The .NET Class Library
  • Using Properties and Methods at the Command Line
  • Security and Execution Policy
  • Managing the Event Logs
  • Accessing COM Objects: WMI, ADSI, ADO, etc.

Securing Active Directory and DNS, Security 505-Day 1

For a security architect, Active Directory is the foundation upon which the rest of Windows security depends. Active Directory (AD) is the infrastructure behind the other security infrastructures, such as PKI, identity management, Network Access Protection, and Group Policy. A compromise of AD, such as hacker accounts being added to the Enterprise Admins group, would lead to the collapse of all other security safeguards tied to it. And some of our most likely adversaries are other Domain Admins who have good intentions, but don’t know what they’re doing, hence, we must also delegate authority in AD to limit this kind of accidental damage.

Unfortunately, there is a lot of misinformation circulating out there about Active Directory security. For example, are you actually getting any benefit from having an “empty root domain” or does it just create hassles? Do you place your public IIS servers in your primary domain, in a new domain, or in a completely new forest with a cross-forest trust? Are all of your branch office domain controllers physically secured, or are you using read-only domain controllers, or both? Why is a “server core” domain controller supposedly more secure than a standard installation when they both have the exact same services listening on the same port numbers? AD design was never simple to begin with, and now it’s even more complex with Server 2008 and later.

This course will quickly get you on top of what you need to know about Active Directory security and delegation of authority. Importantly, this course is not an introduction to AD or an overview of basic administration topics. This is a course for people who already manage AD, need to plan a redeployment, or must lock down what they’ve got.

DNS is the Achilles’ heel of Active Directory. SRV records in DNS are what provide fail-over fault tolerance and load-balancing to AD (not the cluster service, NLB, or round robin) and DNS is often overlooked. In addition to Active Directory security, we’ll also cover what’s new and different for DNS security too. This won’t be an introduction to DNS, we’ll jump straight into DNS security.

Who Should Attend This Course:

  • All Windows administrators and security architects.
  • Anyone redesigning their forest and trust structures.
  • Anyone deciding where to place domain-joined IIS servers.
  • Anyone who does identity management.
  • Anyone trying to delegate authority safely in AD.
  • Anyone who manages Windows DNS servers.
  • Topics Covered

Securing Domain Controllers

  • Read-Only Domain Controllers
  • Server Core
  • SYSKEY.EXE
  • Disaster Planning and Recovery
  • Encrypting Replication Traffic
  • Replication Fault Tolerance
  • NTDSUTIL.EXE
  • FSMO Role Assignments

Active Directory Access Control Lists

  • Property-Level Permissions (DACLs)
  • Auditing (SACLs)
  • Command-Line Tools
  • DSACLS.EXE

Delegation of Authority

  • Leveraging AD Permissions
  • Delegation Wizard
  • Organizational Unit Design
  • Delegating Password Reset
  • Custom MMC Consoles

Forest Designs

  • Different Types of Trusts
  • The “Empty Root” Domain Model
  • Extranet Forest (IIS)
  • Best Practices for Forest Design

Secure Dynamic DNS

  • SRV Records
  • Unix BIND Integration
  • No More Zone Files
  • No More Secondaries
  • Secure Dynamic Updates
  • DHCP Integration

Enforcing Critical Controls With Group Policy, Security 505- Day 2

Group Policy is the most underutilized security technology in the world. But not because no one is buying it, you already own it, it’s built into Windows for free. If doing more with what you’ve already got is the hallmark of efficiency, then most organizations can do a lot more with the Group Policy investment they’ve already made.

Group Policy can be used to manage BitLocker encryption policies, regulate which applications users can run, push scripts out to computers which are then automatically executed, reconfigure NTFS permissions and audit settings, deploy MSI software installation packages, set password and account lockout policies, distribute IPSec encryption settings to all workstations and servers, change EFS recovery agents, control which Certification Authorities users should trust, set any number of registry values, and much much more. In fact, it’s better to ask what cannot be managed through Group Policy than the other way around.

In this course we’ll see how to use Group Policy to lock down desktops and servers, implement many of the SANS 20 Critical Controls, enforce regulatory compliance changes, configure services and applications, and scale our work out to thousands of systems conveniently. If you’ve never seen Group Policy before, you’re in for a shock (a good shock!) and if you’ve been using Group Policy for years, this course should expand your understanding even more since the emphasis is on security, not Group Policy in general.

Who Should Attend This Course:

  • All Windows administrators and security architects.
  • Anyone who must efficiently manage large numbers of computers.
  • Anyone who needs to apply the SSLF or EC templates to their systems.
  • Topics Covered

Security Templates

  • What Are Security Templates?
  • How To Get/Make Templates
  • Security Configuration and Analysis MMC Snap-In
  • SECEDIT.EXE
  • Auditing With Templates

What is Group Policy?

  • Group Policy Objects (GPOs)
  • GPO Links to Domains, OUs and Sites
  • Order of Precedence Processing: LSDOU
  • The Group Policy Management Console (GPMC)

Fine-Tuning Group Policy

  • Block Inheritance.
  • No Override/Enforced
  • Slow Link Detection
  • WMI Filtering
  • Custom ADM Templates

Updating Vulnerable Software

  • Windows Installer Service
  • Deployment through Group Policy
  • Example: Pushing Out Service Packs

Pushing Out Scripts

  • Automatic Deployment and Execution
  • Startup, Shutdown, Logon and Logoff Scripts
  • Languages Supported

Enforcing Critical Controls

  • User Account Control (UAC)
  • Software Restriction Policies
  • Managing Internet Explorer Settings
  • Replacing the Desktop interface
  • Micro-Managing The User’s Applications

Windows PKI, EFS and BitLocker, security 505- day 3

Public Key Infrastructure (PKI) is not an optional security infrastructure anymore. Windows Server includes a complete built-in PKI for managing certificates and making their use transparent to users. With Windows Certificate Services you can be your own private Certification Authority (CA) and generate as many certificates as you want at no extra charge.

Digital certificates play an essential role in Windows security: IPSec, EFS, secure e-mail, SSL/TLS, Kerberos authentication with smart cards, smart card authentication to IIS and VPN servers, script signing, etc., they all use digital certificates. Everything needed to roll out a smart card solution, for example, is included with Windows except for the cards and readers themselves, and generic cards are available in bulk for cheap.

You also have to encrypt your laptops and portable drives to stay in compliance, but why spend a fortune on third-party products when BitLocker and EFS are built into Windows already? Both EFS and BitLocker are manageable through Group Policy, both have automatic encryption key archival features for recovery, both require little or no user training, and both can be used to encrypt portable USB drives. If you have a TPM chip in your motherboard, it can help BitLocker to detect rootkits, but note that a TPM chip is definitely not required to use BitLocker.

Planning a PKI or data encryption project isn’t easy, and mistakes and redeployments can be costly, so this course in part is designed to assist in the planning process to help avoid these mistakes. If you’re not encrypting laptops and portable drives now, you will be soon, and BitLocker/EFS can save your organization money while making the deployment relatively easy. Using Group Policy, you can manage most features of BitLocker and EFS on all your machines without having to configure each of them by hand.

Who Should Take This Course?

  • All Windows administrators and security architects.
  • Anyone who is planning a PKI deployment.
  • Anyone who is planning a data encryption deployment.
  • Anyone new to PKI or practical cryptography.
  • Topics Covered

Why Must I Have A PKI?

  • Not Optional Anymore, You Don’t Have A Choice
  • Windows Security Designed for PKI
  • Examples: Smart Cards, IPSec, WPA Wireless, SSL, S/MIME, etc.
  • Biometrics and PKI Were Made for Each Other

How To Install The Windows PKI

  • Root vs. Subordinate Certification Authorities
  • Should You Be Your Own Root CA?
  • Custom Certificate Templates
  • Controlling Certificate Enrollment

How To Manage Your PKI

  • Group Policy Deployment of Certificates
  • Group Policy PKI Settings
  • How To Revoke Certificates
  • Automatic Private Key Backup
  • Delegation of Authority

Deploying Smart Cards

  • Everything You Need Is Built-In
  • Smart Card Enrollment Station
  • Group Policy Deployment

Encrypting File System

  • How to Encrypt and Recover Data
  • EFS Insecurity Myths
  • Sharing Encrypted Files
  • CIPHER.EXE

BitLocker Drive Encryption

  • TPM and USB Options
  • Emergency Recovery
  • Group Policy Management
  • MANAGE-BDE.WSF
  • Best Practices for EFS and BitLocker

Windows Firewall, IPSec, Wireless and VPNs, Security 505- Day 4

The Windows Firewall in Windows 7/2008 has been greatly enhanced over the crude firewall in XP. One of the best features of the new Windows Firewall is its easy-to-use integration with IPSec, and both IPSec and the Firewall are manageable through Group Policy. There really is no compelling reason to purchase third-party firewalls for Windows anymore, that money can be better spent elsewhere.

IPSec is not just for VPNs. IPSec can authenticate endpoints against Active Directory to implement something like IPSec-based VLANs defined by global group memberships, and IPSec can also encrypt packet payloads to keep data secure. Imagine configuring the Windows Firewall on all your servers and workstations to only permit access to RPC or File And Print Sharing ports if 1) the client has a local IP address, 2) the client is authenticated by IPSec to be a member of the domain, and 3) the packets are all encrypted with AES. This is not only possible, but is actually relatively easy to deploy with Group Policy. We will see exactly how to do this in seminar.

Windows Server includes a built-in RADIUS service that can be used to regulate access to VPN gateways, wireless access points, dial-up servers, and any other RADIUS-compliant access device. Everything you need for a full VPN solution on both the client-side and server-side is built into Windows for free. Everything you need for a WPA2 wireless network solution, including certificate-based PEAP authentication, is built into Windows for free. This week we will see step-by-step exactly how to set it all up, including the PKI.

Windows Server 2008 and later also natively supports SSL VPNs, so you don’t have to use IPSec or PPTP if you prefer not to. SSL VPNs operate on TCP port 443 and are easy to enable once the RADIUS policies are configured. You don’t need to purchase a new expensive SSL VPN appliance if you’ve already got the Windows Server license.

In short, this course is about how to use the Windows Firewall, IPSec, RADIUS, the RRAS VPN gateway service, and WPA2 for 802.11 wireless to secure the network layer in our Windows environments. Virtually all these client settings, including wireless settings, are manageable through Group Policy.

Who Should Attend This Course?

  • All Windows administrators and security architects.
  • Anyone who needs to secure network traffic in Windows LANs.
  • Anyone who wants to use IPSec for more than just VPNs.
  • Anyone who needs an SSL or IPSec VPN solution.
  • Anyone who needs a secure 802.11 wireless solution.
  • Anyone who needs to understand Windows RADIUS policies.
  • Topics Covered

The New Windows Firewall

  • Group Policy management
  • Application awareness
  • Location awareness
  • IPSec integration

Why Use IPSec?

IPSec Is NOT Just For VPNs!

  • Packet Encryption and Integrity
  • User/Computer Authentication
  • Transparent to Users
  • Group Policy Management
  • NETSH.EXE

Creating IPSec Policies

  • Packet Filtering with IPSec
  • Encryption Options
  • Scripting IPSec Policies
  • Require vs. Prefer IPSec

RADIUS for Network Security

  • Smart Card Authentication
  • EAP vs. PEAP
  • PEAP-MS-CHAPv2
  • Firewalling Options
  • Require Strong Encryption and Authentication
  • Limit Access To Chosen Global Groups

Virtual Private Networking

  • SSTP = SSL VPN
  • IPSec + L2TP
  • Host-to-Router VPN Configuration Steps
  • Router-to-Router VPN Configuration Steps
  • VPN Best Practices

Securing Wireless Networks

  • Wi-Fi Protected Access (WPA2)
  • RADIUS Policy Enforcement
  • Certificates For Laptops And Users
  • PKI Integration
  • Wireless Best Practices

Securing IIS 7.0, Security 505-day 5

IIS 7.0 in Windows Server 2008 is not an incremental upgrade, it’s a whole new beast. Both the management GUI and the underlying architecture are very different than before. IIS is highly modular, meaning that we can strip away what we don’t need, but we can also add modules to enhance security. For example, the URL Rewrite module can use regular expressions, just like Apache’s mod_rewrite, to block attacks or modify requests, making this module much more powerful than URLSCAN.

Something else new is FTP over SSL (FTPS) for secure file transfer. No matter where you go, you can always securely get to your files using FTPS or WebDAV over SSL. WebDAV can use SSL for file management too, hence, you can map a drive letter on Windows 7/2008 over SSL to a WebDAV share on IIS.

IIS is a magnet for hackers, so great care must be taken in planning how to deploy and configure Microsoft’s notorious web server. In this course, we will talk about how to harden the OS, how to strip IIS down to its essentials to reduce its attack surface, how to enforce authentication and authorization rules, how to implement application-layer HTTP filtering rules, and in general how to help keep your web site from becoming another victim statistic. During the day, the Code Red worm will be used as an example of an exploit which could have been easily blocked through proper configuration even if the patch for Code Red had not been applied prior to the attack. IIS security is much more than just setting up a firewall and applying patches, it’s about proactively anticipating tomorrow’s attacks and being ready for them.

The demand for IIS security personnel is great because IIS is so widely deployed. This course focuses on IIS 7.0 in Windows Server 2008, but many of the principles discussed will apply to IIS 6.0 as well. You won’t be left out if you’re still running IIS 6.0. If you’re new to IIS 7.0, this course will get you up to speed.

Who Should Attend This Course:

  • All Windows administrators and security architects.
  • Anyone who is responsible for IIS servers.
  • Anyone who needs secure remote access to files without a VPN.
  • IIS web application developers.
  • Topics Covered

Server Hardening

  • Security Templates and Group Policy
  • Service Packs and Hotfixes
  • Website Location
  • Dangerous Files
  • Dangerous Services
  • WebDAV
  • Protocols and Bindings
  • TCP/IP Parameters
  • IPSec Filtering and Authentication

XML Configuration System

  • The metabase is gone
  • How the XML configuration files work
  • The new GUI management interface

IIS Authentication and Authorization

  • Anonymous, Basic, Digest, Kerberos, and NTLM Authentication
  • Smart Card Certificate Authentication to IIS
  • IIS/HTTP Permissions
  • NTFS Permissions and Auditing
  • Running Scripts and Binaries on IIS
  • How to configure SSL/TLS

Web-Based Applications

  • Worker Processes
  • Application Pools
  • HTTP.SYS
  • Buffer Overflow Attacks
  • URL Rewrite Module
  • Request Filtering
  • Process Isolation Techniques

Logging and Auditing

  • Event Viewer Logs
  • IIS Logs and Accounting
  • Hacking Signatures in Logs
  • SSL Connection Logging
  • Securing Log Files

FTP Over SSL (FTPS)

  • How to configure FTPS
  • FTPS clients and issues

Windows PowerShell, Security 505-day 6

Finally! We’ve been waiting for years!

PowerShell is Microsoft’s upgrade for the old CMD.EXE shell and a Perl-like scripting language for it too. PowerShell is available as a free download for Windows XP/2003/Vista and is built into Windows 7/2008 and later operating systems by default (http://www.microsoft.com/powershell/).

PowerShell takes the best features of UNIX shells, like ksh and bash, and then blows them out of the water. What’s the big deal? PowerShell rides on top of the .NET Framework, hence, the entire .NET class library is available at the command prompt. And, when PowerShell scripts and tools pipe data into other PowerShell scripts and tools, it’s not plain text that gets piped, but entire .NET objects, including all their properties and methods.

PowerShell is the future of administrative scripting on Windows. For example, Exchange Server 2007 and Operations Manager 2007 have graphical management tools, but these tools are really just GUI wrappers for PowerShell commands. Microsoft has promised that other products will be PowerShell-ized too, and the long-term trend is clear: almost everything in Windows will eventually be built on top of the .NET Framework, and now that also includes the command shell.

What about managing older systems and software? PowerShell can access scriptable COM objects just like VBScript and JavaScript. This means you can use PowerShell with Windows Management Instrumentation (WMI), Active Directory Services Interface (ADSI), ActiveX Data Objects (ADO), and other COM interfaces. So while VBScript gives you COM, PowerShell gives you both .NET and COM.

And just like the old CMD shell, PowerShell is also designed to run built-in binaries like WMIC.EXE, NETSH.EXE, SC.EXE, etc., but with a scripting language that’s far more flexible than CMD batch scripting. What does the PowerShell scripting language look like? It looks a little bit like Perl or C#, but it’s not half as difficult for new coders to learn.

To attend the course, you don’t have to bring a laptop, but if you do, get the latest version of PowerShell from Microsoft (http://www.microsoft.com/powershell/). A CD-ROM will be handed out by the instructor with sample scripts and other files with which to experiment.

During the course we will walk through all the essentials of PowerShell together. The course presumes nothing, you don’t have to have any prior scripting experience to attend. And, most importantly, be prepared to have fun: PowerShell is just plain cooooooool…

Who Should Attend This Course:

  • Windows administrators and security architects
  • Exchange Server 2007 administrators
  • Batch file coders looking to upgrade
  • UNIX admins who want to feel more at home on Windows
  • Anyone who writes scripts for Windows: PowerShell is the future!

Topics Covered:

  • What is PowerShell?
  • Cmdlets
  • Running Scripts
  • Namespace Providers
  • Piping Objects
  • Parameter Binding
  • Regular Expressions
  • Functions and Filters
  • The .NET Class Library
  • Using Properties and Methods at the Command Line
  • Accessing COM Objects: WMI, ADSI, ADO, etc.
  • Security and Execution Policy
  • And lots and lots of sample scripts to walk through…

 

Tagged under: Certification, Class, espin, espincorp, GIAC Certified Windows Security Administrator (GCWN), Training

What you can read next

What is Software Defined Security for SDN?, Reasons why behavior based IoC enhance security
What is Software Defined Security for SDN?
The security struggle of Digital Transformation, Basics of Supply Chain Security
The security struggle of Digital Transformation
Web Security Assessment as a Service (WASA) Technical Overview by E-SPIN
McAfee Security Scanner for Databases

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • 5 huge benefit of digital transformation

    In search for digital service excellence

    In the 1980s, Tom Peter was published In search...
  • Why paper planner, notebook and journal still one of modern productivity tool

    Paper planner is symbol of dated work practice?...
  • The future of work after COVID-19

    Let’s get real, despite the vaccine rolli...
  • Retail trends for 2021 and beyond

    After a year long of COVID-19 pandemic, lockdow...
  • AppSec Lab AppUse Pro product discontinued notice

    For all the business partners and customers, Be...

Recent Comments

  • Dorai M on 5 Common ML Challenges Data Scientists Face

Archives

  • March 2021
  • February 2021
  • January 2021
  • December 2020
  • November 2020
  • October 2020
  • September 2020
  • August 2020
  • July 2020
  • June 2020
  • May 2020
  • April 2020
  • March 2020
  • February 2020
  • January 2020
  • December 2019
  • November 2019
  • October 2019
  • September 2019
  • August 2019
  • July 2019
  • June 2019
  • May 2019
  • April 2019
  • March 2019
  • February 2019
  • January 2019
  • December 2018
  • November 2018
  • October 2018
  • September 2018
  • August 2018
  • July 2018
  • June 2018
  • May 2018
  • April 2018
  • March 2018
  • February 2018
  • January 2018
  • December 2017
  • November 2017
  • October 2017
  • September 2017
  • August 2017
  • July 2017
  • June 2017
  • May 2017
  • March 2017
  • January 2017
  • December 2016
  • November 2016
  • October 2016
  • September 2016
  • August 2016
  • July 2016
  • June 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • January 2016
  • December 2015
  • November 2015
  • October 2015
  • September 2015
  • August 2015
  • July 2015
  • June 2015
  • January 2015
  • December 2014
  • October 2014
  • September 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • February 2014
  • January 2014
  • December 2013
  • November 2013
  • October 2013
  • September 2013
  • July 2013
  • June 2013
  • May 2013
  • April 2013
  • March 2013
  • February 2013
  • January 2013
  • December 2012
  • November 2012
  • October 2012
  • September 2012
  • August 2012
  • July 2012
  • June 2012
  • May 2012
  • February 2012
  • July 2011
  • June 2011
  • February 2009
  • July 2008

Categories

  • Acunetix
  • Adobe
  • Aerospace and Defence
  • AppSec Labs
  • Automotive
  • Banking and Financial Markets
  • BeyondTrust
  • Brand
  • Chemical and petroleum
  • Codified Security
  • Commercial and Professional Services
  • Construction and Real Estate
  • Consumer products
  • Contact Us
  • Core Impact
  • Core Security
  • DefenseCode
  • E-Lock
  • Education
  • Electronics
  • Energy and utilities
  • FAQ
  • Food and Beverage (F&B)
  • GFI
  • Global Themes and Feature Topics
  • Government
  • HCL
  • Healthcare
  • Hex-Rays
  • IBM
  • Immunity
  • ImmuniWeb
  • Industries
  • Information Technology
  • Insurance
  • Ipswitch
  • Job
  • Life Science
  • LiveAction
  • Logpoint
  • Manufacturing
  • McAfee
  • Media and Entertainment
  • Metageek
  • Micro Focus
  • Microsoft
  • Mining and Natural Resources
  • Nessus
  • Netsparker
  • News
  • Nutanix
  • Paessler
  • Parasoft
  • PECB
  • PortSwigger
  • Pradeo
  • Product
  • Qualys
  • Rapid7
  • RedHat
  • Retail
  • Retina
  • Riverbed
  • RSA
  • Security Innovation
  • Security Roots
  • Services
  • SILICA
  • Smart City
  • Soft Activity
  • SolarWinds
  • Solution
  • Symantec
  • TamoSoft
  • Telecommunications
  • Tenable
  • Titania
  • Transportation
  • Travel
  • Trend Micro
  • Trustwave
  • TSFactory
  • Uncategorized
  • Vandyke
  • Veracode
  • Videos
  • VisiWave
  • VMware
  • Webinar Archive

Meta

  • Log in
  • Entries feed
  • Comments feed
  • WordPress.org

CORPORATE

  • Profile
  • About us
  • Careers
  • Investor Relations
  • Procurement

SOLUTIONS & PRODUCTS

  • Industries
  • Solutions
  • Products
  • Brand Overview
  • Services

STORE & SUPPORT

  • Shop
  • Cart
  • Checkout
  • My Account
  • Support

PRODUCTS & SERVICES

  • Industries
  • Solutions
  • Products
  • Brand Overview
  • Services

FOLLOW US

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn
  • YouTube
  • WordPress Blog
© 2005 - 2021 E-SPIN Group of Companies | All rights reserved.
  • Contact
  • Privacy
  • Terms of use
TOP