This course focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system. Particular emphasis is placed on Windows XP, Vista, and 7 on the desktop, and Windows Server 2003 and 2008 versions. The course highlights how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. The course also covers more information on Microsoft Windows OS hardening, application security, and incident management.

In addition to premium instructional content from Jones & Bartlett Learning’s comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized “virtual sandbox” learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice “white hat” hacking on a real IT infrastructure—these are not simulations. Winner of the “Security Training and Educational Programs” top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry’s leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 200 hours of training exercises on how hackers and perpetrators use these applications and tools.

Course Duration:

5 days


This course covers content within the following industry certification exams:

  • Certified Information Systems Security Professional (CISSP) – five content domains covered
  • Security + – four content domains covered
  • System Security Certified Practitioner (SSCP) – six content domains covered
  • National Institute of Standards and Technology (NIST) – seven content domains covered
  • 8570.01 – four content domains covered

What You’ll Learn

  • Security features of the Microsoft Windows operating systems
  • Implement secure access controls when setting up Microsoft Windows in a given organization
  • Set up encryption in a given organization to secure Windows environment
  • Install controls to protect a given Windows system from malware
  • Apply group policy controls and profile and audit tools to keep Windows systems secure
  • Perform backup and restore operations on a given Windows system
  • Design techniques to protect given Windows networks and systems from security vulnerabilities
  • Design techniques to protect given Windows application software from security vulnerabilities
  • Best practices for handling a given Microsoft Windows system and application incident
  • Best practices while managing changes to Windows and its applications

Who Needs to Attend

  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • People who decide which information technology and cybersecurity products to acquire for their organization


General knowledge of networking and management information systems

Course Outline

1. The Microsoft Windows Security Situation

  • Windows and the Threat Landscape
  • Security in Microsoft Windows OS

2. Managing and Maintaining Microsoft Windows Security

  • Access Controls in Microsoft Windows
  • Microsoft Windows Encryption Tools and Technologies
  • Protecting Microsoft Windows Against Malware
  • Group Policy Controls in Microsoft Windows
  • Microsoft Windows Security Profile and Audit Tools
  • Microsoft Windows Backup and Recovery Tools
  • Microsoft Windows Network Security
  • Microsoft Windows OS Security Administration

3. Microsoft Windows OS and Application Security Trends and Directions

  • Hardening the Windows OS
  • Microsoft Application Security
  • Microsoft Windows Incident Handling and Management
  • Microsoft Windows and the Security Lifecycle
  • Best Practices for Microsoft Windows and Application Security


Lab 1: Configure Active Directory and Implement Departmental and User Access Controls

Lab 2: Implement Access Control Lists to Secure Folders and Read/Write/Access to Files

Lab 3: Configure BitLocker and Windows Encryption

Lab 4: Scan and Remove Malware from Windows Systems

Lab 5: Use Group Policy Objects to Secure Windows Systems

Lab 6: Create a Backup and Restore a Windows Environment

Lab 7: Secure Windows Systems Using a Security Configuration Wizard and Manual Setting

Lab 8: Secure Windows Client and Server Applications

Lab 9: Protect Digital Evidence, Documentation and the Chain of Custody

Lab 10: Use Microsoft Baseline Security Analyzer to Harden a Windows Server

Software used in these labs include: Windows Active Directory, lcacls.exe, Microsoft Encrypting File System, Microsoft BitLocker Drive Encryption, AVG, Windows Defender, Microsoft Baseline Security Analyzer (MBSA), Windows Server Backup, Microsoft Windows Firewall, Microsoft Windows Security Configuration Wizard, and Microsoft Internet Information Services (IIS). Please note that software may be updated or changed to keep pace with new data in the field.