Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

Microsoft Windows Server is a highly pervasive enterprise computing platform that can be used for a wide array of business and infrastructure applications. In this practical, information packed seminar, you will learn a structured approach to securing and auditing Microsoft servers. You will cover all key Windows server control points, as well as common CyberSecurity risks, safeguards, and audit procedures. Key changes affecting CyberSecurity and audit in different versions of Windows servers will be highlighted. You will gain criteria for selecting and using best-of-breed bundled, freeware, and commercial CyberSecurity and CyberAudit tools. You will also focus on strengthening your organization’s ability to demonstrate due diligence by emphasizing and leveraging industry best practices for CyberSecurity and CyberAudit of Windows servers.

Bonus: You will receive a comprehensive “Windows Server and Active Directory Audit Data Collection Guide”

Learning Objectives

  • Identify the different versions and roles of Microsoft Windows servers and important differences in built-in CyberSecurity and
  • CyberAuditability features
  • Locate sources of industry CyberSecurity and CyberAudit best practice guidance
  • Assess logical access control and other system configuration parameters that affect the CyberSecurity of each Windows server
  • Gain familiarity with Windows CyberSecurity policy deployment and patch management
  • Learn how to use built-in and low cost software tools to gather CyberAudit evidence and assess the level of CyberSecurity for Windows Servers

Course Outline

Microsoft Windows Server and Active Directory Architecture

  • Server roles and CyberSecurity control points
  • Variations among different versions of Windows Server
  • CyberSecurity risks associated with Microsoft Windows Server

Auditing Windows Server Security Policies and Configuration

  • Windows CyberSecurity Policies and Group Policy Objects (GPOs)
  • User accounts
  • User authentication
  • Groups and privileged user authority
  • Logical access control authorization: directories, files, shares
  • Event logging
  • Local Security options
  • Microsoft TCP/IP applications and network services CyberSecurity risks and CyberAudit procedures
  • CyberSecurity vulnerability and patch management
  • Tools, techniques, and references for CyberAudits of Windows Server CyberSecurity

Additional Information

Who Should Attend

IT Auditors
Information Security Managers, Analysts, and Architects
IT Architects
System Administrators
Consultants

Learning Level

Advanced

Delivery

Group-Live

Field

Auditing

Advanced Preparation

None

Recommended Prerequisites

CyberAudits of Identity and Access Control Management (CY01) or equivalent training. A basic understanding of IT audit controls and terminology is assumed.

Session Duration

Online:

On Site:

CPE Credits: