Tech200: Auditing and Securing Windows 2000/2003

 

Description: This one or two day workshop will examine the major components of Windows 2000/2003 and will provide an understanding of what needs to be done in order to secure and audit these critical systems.  It shows how to audit the basic architecture, including considerations for using trees, forests and domains and looks at how to evaluate the controls over users and groups.  Finally, the session progresses through file and folder controls, audit settings and the myriad of other settings in this important operating system.

 

Audience: This seminar is intended for internal and external audit professionals, security analysts and administrators and security consultants who wish to learn more about securing and auditing the Windows platforms.

Prerequisites: There is no prerequisite for this seminar.


Objectives: After completing this seminar, participants will be able to:

·         Recognize the key elements of the Windows system

·         Describe the structure of Windows and how all the elements relate to provide security

·         Explain the steps taken to properly audit and secure a Windows system

·         Understand how the Windows Group Policy can be used

·         Conduct an assessment and technical review of their organization's Windows’ systems


Course Outline:

Overview

·         Understanding what’s new in Windows 2003

·         General overview of Windows security

·         Understanding the "Out of Box" configurations

·         Determining each servers role

Understanding the architecture

·         Domains and Trusts

·         Organizational Units

·         Group Policy

Dealing with users and groups

Managing file and folder security

Ensuring administrative controls

Configuring auditing and logging

Ensuring Backups

Securing the Different Roles

·         Configuring a Secure Baseline for Domain Controllers

·         Configuring a Secure Baseline for Mission Critical Servers

·         Configuring a Secure Baseline for Member Servers

Mr. Lewis’ seminar will draw upon his almost 30 years of experience in the areas of IT operations and information security in both industry and consulting and with his expertise in leading seminars around the world for over 20 years.

[Back to Seminars/Courses]