Windows & Safety: The fundamental ones

General information Code: WSF Duration: 3 days Present: 10 Maximum Price: 1750 € HT Public concerned RSSI Engineers/Technicians System administrators Pre-necessary None Means Support of course (180 pages) 1 PC by anybody CD of tools Windows environment of demonstration and tests Objectives To install protected a Windows system To install and make safe the basic services of Windows Server To protect the stations customers from the attacks against the users To deploy a protected system of authentification centralized To practise audits of vulnerabilities and to integrate a process of day before sedentary	Description In this formation all the techniques of security of a Windows system reviewed as a station customer or like waiter of production. You will in particular learn how there to make safe the core like configuring the system and the services standard networks and applicatifs (IIS, DNS, Exchange, NETBIOS, IPsec…). You will use tools and methodologies of monitoring and day before Windows park to prevent the intrusions or to detect them, if necessary. Lastly, you will learn how to configure and install specific tools to protect the users against the attacks allowing to exceed protections systems and networks of the antivirus type, personal fire wall or of border. This formation before is very intended to the system administrators and networks which wish to bring solutions and methodologies advanced to make safe their Windows park.
	Day 1 & 2 BASIC SAFETY Creation of CD of up to date installation Pre security and post installation Sedentary day before Deployment on a machine stock SAFETY OF THE STATIONS CUSTOMERS Limitation of the users Security policy Restriction of the software Protection of the users Safety of the customer applications Personal antiviruses and Firewalls Safety of the Native services Management of the services Safety of the minimal services SAFETY OF THE STATIONS WAITERS Native services Management of the services Safety of the minimal services Services networks IPSEC DNS Internet Information Services Exchange Server Divisions Escape of information: login anonymous Remote control TOOLS OF SECURITY Take care To that Monitoring system Integrity of the files Recovery of unobtrusive files Forensic analyses • Process To explore TCPView, RegMon, FileMon Rootkit Revealer Scanners Microsoft Baseline Security Analyzer (MBSA) GFI LANguard Context user ADVANCED SECURITY Troyens and firewall personal OpenProcess CreateProcess SetWindowsHookEx Specificity of the applications To prevent this exploitation Modification of the operating system How the transition in kernel mode is carried out To control the driver	Days 3 TOOLS OF SECURITY Take care To that Monitoring system Integrity of the files Recovery of unobtrusive files Forensic analyses Process To explore TCPView, RegMon, FileMon Rootkit Revealer Scanners Microsoft Baseline Security Analyzer (MBSA) GFI LANguard Context user ADVANCED SECURITY Troyens and firewall personal OpenProcess CreateProcess SetWindowsHookEx Specificity of the applications To prevent this exploitation Modification of the operating system How the transition in kernel mode is carried out To control the driver