Masterclass: Hacking and Hardening Hybrid Environment

Warsaw, Poland
November 12th – 14th, 2018


Why are we doing this?

Is it that easy to get into systems? What about Windows and hybrid environments: do all of these security features prevent all of the hacking attacks that were possible before?
Well, no! And we need to know how to implement these features properly in order to be on the safe side! Windows solutions and Azure are designed to protect against known and emerging security threats across the spectrum of attack vectors, but this can be achieved only when these settings are configured properly!
A hacker's knowledge is considered valuable, both by system creators and by common users. Administrators do not have to be taught how to be a hacker; it is often enough to show them one simple but very interesting tool or technique to change their point of view on their own IT environment.

The topics covered in this seminar help you to walk in a hacker's shoes and evaluate your network from their point of view. Be careful – this workshop is designed for IT and Security professionals who want to take their skills and knowledge to the next level. After this workshop, you will be familiar with hacker techniques, which is useful for protecting yourself against them. This is a two-day training with demos and reasonable, smart explanations.

Course Syllabus

Module 1

On-premise security: Windows 10 / Windows Server 2016 solutions

  • Detecting unnecessary services
  • Misusing service accounts
  • Services architecture
  • Implementing rights, permissions and privileges
  • Integrity Levels
  • Usage of privileged accounts
  • Browser security
  • Access tokens
  • Information gathering tools
  • PowerShell v5 as a hacking tool
  • Security management automation
  • Security in hybrid environments
  • Containers
  • Nano Server for Windows Server 2016

Module 2

Malicious activities: attacks on Identity and malware

  • Extracting hashes from SAM and NTDS.dit databases
  • Meaning of SYSTEM and SECURITY registry hives
  • Kerberos and NTLMv2 issues 
  • Performing the Pass-The-Hash attack
  • Cached logons (credentials)
  • Data Protection API (DPAPI) case for cached logons
  • Credential Guard (Virtual Secure Mode)
  • Application Whitelisting (AppLocker, Device Guard)
  • Code signing techniques
  • Cloud-based malware protection
  • Performing the LSA Secrets dump and implementing prevention
  • Implementing account scoping
  • Good practices for implementing Local Admin Password Solution
  • Windows Defender Advanced Threat Protection
  • Cloud-based monitoring
  • Authentication Mechanism Assurance
  • Using virtual smart cards
  • Multi-factor Authentication

Module 3

In cloud and hybrid security: managing hybrid environments

  • Shielded VMs
  • Storage Encryption
  • Just Enough Administration
  • Desired State Configuration
  • Azure Information Protection
  • Microsoft Operations Management Suite
  • Active Directory and Azure AD security
  • Multi-Factor Authentication with Azure

Module 4

Attacking and Securing Windows Network Solutions

  • Monitoring network usage by processes
  • Port scanning techniques
  • Vulnerability scanning
  • Network Protocols
  • Name Resolution Attacks
  • SMB Relay attack and enabling SMB signing
  • Implementing IPsec and DNSSEC
  • Detecting attacks with Machine Learning
  • Internet Information Server Security
  • Advanced Threat Analytics

Module 5

Windows Security Summary

  • This module discusses the solutions and implementations with the highest priorities.

Prerequisites

Experience

You should have good hands-on experience in administering Windows infrastructure, with at least 8 years in the field.

Knowledge

You should have a good understanding of how the operating system works.

Learning

Ideally, you should have read the book “Windows Internals” by Mark Russinovich.
