30 Skills to Become a Windows security Pro
Last Thursday we hosted our first ever webinar for cyber Newbies (geeks with less than 3 years’ experience), called “How To Hack Your Way To Windows Security Proficiency”. During the webinar, we pointed out 30 skills that every Cyber-Newbie must acquire to become Windows Security Pro. These skills are:
#1 skill group: Windows Internals
- Reviewing Processes and Threads
- Administering System Services
- Managing Service Accounts
# 2 skill group: Managing identity and access in Windows Systems
-
- Managing System Privileges
- Managing Permissions
- Protecting objects
#3 skill group: Managing Infrastructure Services
- Configuring DNS and Active Directory Domain Services
- Managing Internal Public Key Infrastructure
- Configuring SQL Server Authentication Settings
#4 skill group: Securing Windows networks
- Sniffing on the Network Traffic
- Understanding and analyzing Windows protocols
#5 skill group: Application Whitelisting
- Preparing Application Inventory
- Implementing AppLocker
- Understanding Non-exe executable files
- Reviewing techniques used by Ransomware and implementing prevention
#6 skill group: Practical Cryptography
- Implementing and Using BitLocker
- Understanding DPAPI and Protection of Users Secrets
#7 skill group: High Availability
- Failover Clustering
- Virtualization
- Making SQL Server Databases AlwaysOn
#8 skill group: Scripting and Automation
- Configuring PowerShell with Just Enough Administration
- Group Policy
- Implementing Desired State Configuration
#9 skill group: Monitoring Windows Systems
- Using Windows Built-in monitoring tools
- ETW and EVT
- 3rd party monitoring tools
#10 skill group: Troubleshooting
- Startup troubleshooting
- Understanding Blue Screens
#11 skill group: Forensics
- Performing Disk Forensics
- Memory Analysis
The webinar replay is not available anymore but — due to high demand — we decided to give you access to its slideshare. PLUS, as a surprise, we’re throwing in 2 demos: one on ransomware and one on SQL Authentication.
Demo number 1: Understanding ransomware
One of the skills that every Windows Security Pro should acquire is understanding ransomware techniques. There are a couple of interesting things that we should have a look at when discussing ransomware and this is something that Paula has shown during the webinar. Below you will find part of the recording from the webinar:
Demo number 2: Configuring SQL Server Authentication Settings
Another topic that we demonstrated during the webinar was SQL Server. It belongs to the sill group: Managing Infrastructure Services and it’s also crucial to learn for every Cyber-Newbie Greg has hacked into SQL Server and then made SQL Server having unusual privileges over the previous account.