In this 3-day LIVE Online Training, you will learn how to utilize the built-in Active Directory security features supporting a strong defense-in-depth strategy for your organization. Senior Security Architect Daniel Ulrichs of Trusted Solutions Group Sweden will equip you to focus on the details of preventative measures - the first step in securing your infrastructure. In three days of focused training, you will gain the tools to master Active Directory security in your environment.
This LIVE Online Training has been developed by Daniel Ulrichs, one of the best Active Directory experts in the world. It is based on real-life experience preventing and recovering from catastrophes, including audits, incidents, and intrusions. This training is always performed on the latest versions of Windows clients, Windows servers, and Windows systems management components.
More than 60 percent of the time you spend in this live training is dedicated to demonstrations, hands-on-labs, and exercises, all of which are based on actual real-life scenarios and realistic methods tested and verified to work in real-world production environments.
The best part of this LIVE Online Training is that you will receive access to all the sample files and scripts used during training. With these, you will be able to rerun the exercises after completing the training and modify them for use in your environment.
This Live Online Training runs for three days and includes:
- Daily live webinars (with plenty of time for Q&A)
- A community of individuals with the same goals
- A private Facebook group with other participants for sharing reflections, progress, etc.
- The chance to ask Daniel Ulrichs questions directly in a live training environment
This LIVE Online Training is for YOU if you want to:
- Master Active Directory security
- Implement a rock-solid delegation model
- Effectively implement a strict tier model with controls
- Harden the authentication and authorization in each tier
- Learn how to use PAWs most effectively
- Understand how to secure the administrative channels in an Active Directory environment
- Optimize hardened measures in a new or existing environment
...and so much more!
This LIVE Online Training is for IT professionals and administrators who want to master Active Directory security. Students should have previous experience with Active Directory and Windows administration and have a basic understanding of PKI and networking. Scripting experience (PowerShell) is helpful but not a requirement.
Date and start time for the next Masterclass:
- January 16-18, 2024, 9:00 AM-4:30 PM Central Time (US and Canada)
Sign Up Today!
Module 1: Active Directory - Prologue
- Why Protect Active Directory?
- Threat Landscape
Module 2: The Four Pillars of Identity (AAAA)
- How the Administration Looks Today and Why It Isn't Working from a Security Perspective
- Deep Dive into Authentication Protocols to Understand the Inner Workings with Weaknesses and Strengths: The Risks and Exposures of Credentials
- Understanding the Authorization Model in Active Directory
- Audit in the Concept of Identities: What Organizations Fail on
Module 3: Real-World Examples of Attacks
- Attacks and Breaches from Real Incidents
- How They Attack Active Directory: Security Weaknesses and Misconfigurations
- Recovery and Mitigation Challenges
Module 4: Protection High Level
- What Can Wet Do to Prevent Intrusions and Minimize the Risks?
- Designing and Building in the Real World
Module 5: Strict Tiering
- Taking Control of the Infrastructure and Building Strong Isolated Tiers
- Creating a Strong Delegation Model with Least Privilege
- Creating a Strong Admin Access Model
- Time-based Access
- How to Maintain It over Time: The Challenges and Tools
Module 6: Authentication Hardening
- Hardening the Authentication Protocols
- Building Strong Authentication Policies and Siloes with Multiple Built-in Tools
- Certificate Base Authentication
- 2FA/MFA, Smart Cards, and Other Hardware Tokens: How They Work and What They Were Designed for
Module 7: Privileged Access Workstations
- PAWs/SAWs: The Different Flavors of Hardened Workstations
- The Role of a PAW/SAW
- Physical or Virtual PAWs
- Hardening Challenges
- Hardware Security in the Windows Platform
Module 8: Securing Jump Paths and Management Servers
- Hardening Techniques
- Segment Administration Networks
- Jump Paths
- Hardware Security
Module 9: Domain Hardening
- Hardening Other Protocols and Services within the Domain
- Server and Domain Isolation with IPSec
- PKI, Federation, and Other Tier 0 Components
Module 10: Admin Forest
- Is Enhanced Secure Admin Environment (ESAE) Needed Today?
- How and When to Build It
- How Do Shadow Principals Work?
Module 11: Disaster Recovery
- Scenarios and Challenges
- DR Plan
- No Supported Backup or Broken? How to Restore with What You Have
Senior IT Security Consultant, Architect- Identity and Security in Enterprise Environments[email protected]