Gain 30 practical skills in as little as 30 days with
30-Day Windows Security Crash Course

Ready to learn new cyber skills that are up-to-date with the industry’s needs?




Why are we doing this?

The cybersecurity industry grows and demands talent like no other. But talent should come with an up-to-date skill set.

We’re here to save you from learning stuff that neither you need… nor your employer.

Instead you’ll ‘inject’ yourself with 30 skills that are crucial on the path from a Newbie to Windows Security Pro. Our goal is to, after those 30 days, make you feel more confident and qualified to face cybersecurity challenges than ever before.

Every day for 30 days you will be getting a new video lesson, exercise and tools for self-study. Everything will be delivered to you via our closed CQURE Academy Membership platform.

You can complete this Windows security course at your own pace, but we recommend you to study daily for 30 days for optimal (and faster!) results.

How is this training different from others?

Only 30 days

It’s called Crash Course for a reason. It will be challenging but also fun as each skill is based on real case scenario.

Only important skills

You’re getting an essential set of 30 skills that are up-to-date with industry’s needs and standards.

Only useful tools

You’ll get a special CQURE toolkit to download and keep forever. Trust us, it will come handy beyond this course.

Only cool presenters!

We’ll bring a bunch of experts on board, but it’s Paula Januszkiewicz who will be your main teacher and the host of the program.

Course Formula


It’s action-packed! You’ll need about 30 minutes of laser focus a day to go through 30 lessons in 30 days. We’re not fluffing around, you’ve been warned.

12-month Access

You’ll get a full-year online access to the course (counting from the day of purchase). Which means that you can go through it in your own pace or go back to it for revision.


The exams are being organized 4 times a year – every three months.
You have 4 opportunities to take the exam during the time your membership is active. You have one chance to retake it if something goes wrong.


You’ll receive an official certificate of completion after passing the final exam.

Extra Materials

Along with video tutorials and assessments testing your knowledge and skills, you’ll also get a lot of extra materials and tools to download.

Social & Network

You’ll become a member of a closed Facebook group, where you can not only share your challenges and geeky jokes… but also network.

Course Syllabus

Lesson 1

Processes and Threads

Just imagine you have identified really suspicious malware process in your OS. What is your reaction? Kill it? If yes – this module is for you. Because killing a process is only a bit better than not caring at all. We will teach you how processes are working inside and what you should do to understand what is really happening in your OS.

Lesson 2

Administering System Services

Services are most oftenly misconfigured in the enterprise. That includes accounts on which services are running on, their Service Principal Names, permissions to who can administer them and location where executable is placed and what can happen to it when someone has ‘write’ permissions to the folder where executable is in.

Lesson 3

Managing Service Accounts

Demonstration covers the topics like how to create group managed service account in a proper way, how SPNs are searched by application service and users and how this affects security in general.

Lesson 4

Managing System Privileges

Privileges, as well as permissions, in operating system are ones who define the difference in between members of the Users group and Administrators group. Privileges define who you are and how your security token looks like so that you can perform some system specific operations.

Lesson 5

Implementing Security Policy Settings

Permissions in operating system define us where certain user can get access to. They affect who can open specific files and folders. Permissions can be misconfigured, for example: mistakes can come from the file server migration. Permissions should be often audited as resultant set of permissions sometimes can accidentally provide unauthorized access to information.

Lesson 6

Protecting objects

Within the Windows operating system we have a lot of different types of objects. Sometime we are talking about processes, sometimes about registry hives, another time about files and folders, shares, services etc. These objects may be very different but have one thing in common: you can (should!) manage their permissions. During the day 6, we will go couple of steps further than we went during the day 5.

Lesson 7

DNS and Active Directory Domain Services

It is high time to beyond standalone machine and during this day we will cover the most important part of the Windows Infrastructure: DNS and AD. We hope you already had a chance to work with these technologies but we will tell you what to do to make them secure. Starting from best practices and ending with extending the schema.

Lesson 8

Managing Internal Public Key Infrastructure

How to troubleshoot the health of the PKI infrastructure to validate whatever it is in healthy state and can serve it purpose.  How to create proper modern certification templates that can serve typical web servers or other application. How to implement  code signing technique that is using modern approach to code signing from 3rd party application

Lesson 9

Configuring SQL Server Authentication Settings

 How to switch between different application modes configure proper settings, how to use spns and detect if you are not using herbers.

Lesson 10

Sniffing on the Network Traffic

The beauty of network sniffing in the past was that it was relatively simple. Today it is still simple but it has to involve the inter attack, for example ARP poisoning, ARP flooding. When evaluating network security you need to be familiar with what kind of traffic you have in your network and eventually choose appropriate protection solution.

Lesson 11

Windows protocols

If you know how to listen to network packets it would be great to really understand what you listen to and use this knowledge in your everyday tasks. Especially if most of Windows protocols can be configured to use some form of encryption to protect integrity and confidentiality of your data.

Lesson 12

Preparing Application Inventory

How to get application data that can be used while implement application through this link and also how to the get another application set data that can be used asset the compatibility of application.

Lesson 13

Implementing AppLocker

How to implement the AppLocker and not stop business from working.

Lesson 14

Understanding Non-exe executable files

How to use code signing with time stopping to safely send those scripts , how to deploy code signing certificates to the active directory to assure that users of this services will trust those scripts and that the scripts wasn’t modified inside or in the storage.

Lesson 15

Reviewing techniques used by Ransomware and implementing prevention

Ransomware has been on the market for the past 5 years. Ransomware developers find newer and better ways to get into user’s computer. From the securing point of view all these techniques are easy to be mitigated but they need to be framed and understood in order to apply appropriate security measure.

Lesson 16

Implementing and Using BitLocker

Did you ever access the data on the disk after moving the drive to another machine or after booting the computer from bootable media? If yes, then you should ask yourself how to protect your information from such attacks. During the lesson we will cover one of the most popular, totally invisible for users mechanisms built into Windows operating system: the Bitlocker. Prepare to be encrypted but in a good way.

Lesson 17

Understanding DPAPI and Protection of Users Secrets

Can storing passwords in the browser be safe? What is the technology used to protect our private keys? It is all protected by Data Protection API and in order to understand the level of protection of our most precious secrets we need to understand mechanisms lying behind.

Lesson 18

Failover Clustering

Sometimes some of your services (such as databases, webservers etc) should work 24h/7 without any downtime. But how can you make this happen? During this module we will show you how can you achieve really high availability and of course we add a lot of useful facts directly from the field. Because it is not always as simple as it may look.

Lesson 19


We all use virtualization but usually the first thought about it is not related to security. It is great security feature in different areas and due to multiple reasons. We will show you how virtualization can improve availability and integrity and at the same time where additional risk factors for information confidentiality appear.

Lesson 20

Making SQL Server Databases AlwaysOn

How to configure alwayson availability group and  how to fail over between the cluster notes.

Lesson 21

Configuring PowerShell with Just Enough Administration

How to delegate on a subset of administrative privileges to the IT support.

Lesson 22

Group Policy

During the session we will demonstrate you how to effectively manage security not by configuring details but by defining how they should self-configure automatically. Of course when automatic configuration comes to the field even tiny mistake may be really painful so you can expect some best practices as well.

Lesson 23

Implementing Desired State Configuration

Desired State Configuration (DSC) is the technology designed with DevOps in mind. It is used to enforce the common configuration based on a set of criteria defined by admins responsible for different areas. During the module we will show you how easily IT teams can operate without having to go through error-prone manual processes.

Lesson 24

Using Windows Built-in monitoring tools

Within the OS we have a lot of interesting tools greatly helping us to analyze and monitor the system’s behavior. The only problem is that these tools are sometimes not too admin friendly even if extremely powerful. So if you had no chance to play with logman, tracerpt or wpr – this module is a must. And of course we will cover a lot more.

Lesson 25


Sometime administrators complain that Windows is not willing to “tell” them what it is doing and why some strange things happen. Actually this OS is extremely talkative and the only thing you have to do is to put your ear to the ground. Of course having some helpful tools handy because the number of messages you can obtain from Windows may be a bit overwhelming if you are not prepared to handle them.

Lesson 26

3rd party monitoring tools

As we already know, Windows OS wants to share a lot of information with us. The only problem appears when you multiply number of reported events by number of your computers. Analyzing all this information manually it is not a real scenario. During the session we will teach you how to use monitoring tools in practice. Free ones and paid as well.

Lesson 27

Startup troubleshooting

Sometimes, usually when you are in real hurry your computer does not boot up or you simply cannot log on. During this module we will cover the boot and logon processes, analysis of events happening at startup and of course we will discuss most typical scenarios for failure and recovery.

Lesson 28

Blue Screens

Maybe bluescreens are not nice but for sure they are very interesting. Actually, the Operating System does a lot of things when displaying the unfamous “sad face”. Let’s look under the cover and analyze together all the useful information Windows is giving us when it crashes.

Lesson 29

Performing Disk Forensics

Usually when something happens within the OS it leaves some traces. Somewhere. Of course bad guys will try to remove their footprints. So this module is about being smarter than they are. We will teach you techniques such as reading ntfs journal , analyzing compressed prefetch data or reading information from users profiles.

Lesson 30

Memory Analysis

If your computer does something (including really confidential things) it must store it within the memory. So if I can take your memory content, “all your base are belong to us”, right? During the module we will teach you how to grab the memory content and how to extract valuable informations from it.


Click here to browse the modules:

PLEASE NOTE: The exams are being organized 4 times per year – every three months. You have opportunities to take the exam during the time your membership is active. You have one chance to retake it if something goes wrong.

Your teachers

Paula Januszkiewicz

Founder and CEO of CQURE

Paula is a Microsoft Security Trusted Advisor, IT Security Auditor and Penetration Tester. On top of that, she’s an Enterprise Security MVP and trainer (MCT). She shares her expertise on Windows Security through online writing and speaking at conferences (she already checked off TechEd North America, TechEd Europe, TechEd Middle East, RSA, TechDays, CyberCrime — to name but a few). She proudly holds the role of the Security Architect in IDesign and manages her own company CQURE.

Greg Tworek

Cybersecurity expert

Greg has been working with Windows Security since the very beginning of his professional career. He started as a system administrator, then moved to a consultant role, IT manager and chief information security officer (CISO). 

Kamil Bączyk

Senior Infrastructure & Security Expert

Kamil deeply believes that combining work and hobby is the key to success. In CQURE he has his heart and soul in the Microsoft infrastructure, cloud and security solutions. Kamil’s experience allows him to perform architecture consulting, penetration tests and authored trainings and seminars.

Michał Jankowski-Lorek

Cloud Solutions & Machine Learning Expert

Michael designs and implements solutions for Databases, Network & Management area, mainly for Microsoft platform. As for day-to-day work, he works as Solution Architect, designing and planning database related solutions and software, mainly based on Microsoft and Oracle servers. He also designs and administers IT Infrastructure based on Microsoft systems and network solution from CISCO.

Matus Puskar


Matus Puskar is CQURE’s Expert with many years of experience as Tester and Technical Analyst in financial technology, with special focus on smartPOS devices. Before his cybersecurity journey, he has worked for Financial industry and gained wide knowledge about various standards and their implementation in Financial institutions (PCI, EMV, CUP, EFTPOS…).

Matus has delivered many penetration tests scoped from Web Applications to Infrastructure and Mobile Applications. He has hands on experience with Burp Suite Pro, Kali Linux and practical knowledge of ITIL set of practices.

Who Is It For

The Windows Security Newbie

If you have less than 2 years of experience in Windows systems but are committed to level up in Windows Security, then really, this course is perfect for you. We cover the basics, but also give you enough knowledge that you can apply it immediately in your organisation.

The Windows Specialists

We know that you already have tons of experience with Windows systems. However you want to expand your career and are eager to explore the world of cybersecurity. This is a great place to start.

Ye ol’ Windows Security Veterans

You’ve been at it for years, you’ve got tons of knowledge, but are willing to evaluate your current level and get relevant knowledge. You know IT changes at lightning pace, so you want to stay up-to-date in the cybersecurity field.

What CQURE Academy Students say

All of their classes are based on their real world experience with the products, not just the typical Official Curriculum style classes that teach you things for an exam, but that you will never use. You’ll find that all of the material you’ll learn in the class will be used, at some point, in your security career.

Jack Perry

Security Principal Consultant | Presidio

Totally professional, total great stuff, in-depth knowledge and a perfect Learning Atmosphere! I like it! Thanks so much for sharing your experience and knowledge!

Martin Weber

CTO | IT.innovation.4U GmbH

I have attended CQURE’s training as someone who is not a security professional, but just an enthusiast, and I feel like I learned a A LOT. The whole training was loaded with information and nice demos of the latest technologies. On top of that — having an opportunity to ask and talk to professionals was priceless.

Marek Chmel

SQL Server DBA | AT&T

Let me start by saying Paula is amazing!! The passion for the topic really shows. As an engineer with 16 years of experience, I am impressed. Thank you for the education, and entertainment.

Dave Kordyban

Network Engineer | Garrett County Government

As it also happened before, Paula Januszkiewicz knows how to blow your mind. As great athletes make their discipline look easy when you watch them perform, so Paula makes Windows purr like a little kitten. Even though I am fully aware of how much I still don’t know, after a course such as this Windows is not mysterious anymore. This is a great feeling.

Doru-Catalin Togea

Information Security Advisor | Norwegian Police

I’ve recently attended a training held by CQURE. It was PACKED with knowledge and tools. Of course not everything was discussed in details (lack of time) but CQURE team delivered a great value within just a few hours. I was a student not so long ago and I wish that our universities were teaching as efficiently as CQURE does.

Kamil Więcek

IT Expert | ING Bank Śląski

We have learned a lot about IIS, hacking and much much more. Our motivation has increased during this course and of course great interest in your work Paula. Impressed with your enthusiastic energic way of presenting.

Styrk Finne

Senior Professional System Engineer | CSC Norway

Once Again, What You Are Gaining

  • Master one practical skill a day that can be deployed immediately to protect your system
  • Access cutting edge tools and privileged industry knowledge 
  • Learn from industry experts who spend 60% of their time consulting on security for clients around the world 
  • Become adept at Allow-Listing, Practical Cryptography, Troubleshooting, Forensics, Scripting and Automation
  • Gain skills no Windows security specialist can be without: Windows Internals, Windows Systems Identity and Access Management, Infrastructure Services Management, Securing Windows networks, High Availability and Windows Systems
  • Earn official certification from CQURE after completing the course and passing the final exam
  • Access all course video recordings and extra learning materials for a full 12 months from the day of purchase
  • Share your victories and challenges in a closed Facebook group created exclusively for course participants (where you can also expand your network!)
  • Thrive on an exciting course that builds your cybersecurity knowledge and confidence through daily challenges delivered via a video lesson, assessment, and supporting tools and exercises
Individual Access
Team Package
For team starting from 2 people


PLEASE NOTE: The exams are being organized 4 times per year – every three months. You have opportunities to take the exam during the time your membership is active. You have one chance to retake it if something goes wrong.

Frequently Asked Questions