Internal Audit Training, IT Audit Training Courses, Information Security Training - CPE Interactive

Continuing Professional Education for Audit, Assurance, & Info Security

Course Description

Microsoft is a major player in both the CyberSpace infrastructure and application development arenas. In this practical, information packed seminar, you will learn a structured approach to securing and auditing Microsoft servers and networking infrastructure, including Active Directory, from end-to-end and from top to bottom. You will cover all key Windows server control points, as well as common CyberSecurity risks, safeguards, and audit procedures. Forests, domains, directory services, Group Policy Object (GPO) control audit points and associated CyberSecurity and CyberAudit procedures within the Microsoft Active Directory architecture will be analyzed and demonstrated. Key changes affecting CyberSecurity and audit in different versions of Windows servers will be highlighted. You will gain criteria for selecting and using best-of-breed bundled, freeware, and commercial CyberSecurity and CyberAudit tools. You will also focus on strengthening your organization’s ability to demonstrate due diligence by emphasizing and leveraging industry best practices for CyberSecurity and CyberAudit of Windows servers.

Bonus: You will receive a comprehensive Windows Server and Active Directory Audit Data Collection Guide

Learning Objectives

  • Identify the different versions and roles of Microsoft Windows servers and important differences in built-in CyberSecurity and CyberAuditability features
  • Locate sources of industry CyberSecurity and CyberAudit best practice guidance
  • Identify logical access control and other syst1em configuration parameters that affect the security of each Windows server and associated domain objects
  • Assess logical access control and other system configuration parameters that affect the CyberSecurity of each Windows server and associated domain objects
  • Gain familiarity with Windows CyberSecurity policy deployment and patch management
  • Learn the basics of Lightweight Directory Access Protocol (LDAP) and its impact on Active Directory and Windows CyberSecurity policy deployment
  • Learn how to use built-in and low cost software tools to gather CyberAudit evidence and assess the level of CyberSecurity for Windows servers and Active Directory

Course Outline

Microsoft Windows Server and Active Directory Architecture

  • Server roles and CyberSecurity control points
  • Variations among different versions of Windows Server
  • CyberSecurity risks associated with Microsoft Windows Server and Active Directory

Auditing Active Directory

  • Windows and Active Directory Administration Tools
  • Types of Active Directory objects, domain controller roles, and user groups
  • Domains, forests, and associated policy and trust relationships
  • Microsoft TCP/IP applications and network services CyberSecurity risks and CyberAudit procedures
  • Domain user authentication protocols: NTLM, Kerberos
  • Lightweight Directory Access Protocol (LDAP) design and CyberSecurity

Auditing Group Policy and Privileged Authority

  • Group Policy Objects (GPOs)
  • Groups and privileged user authority in Active Directory

Auditing Windows Server

  • User accounts, authentication and groups
  • User rights assignment
  • Access control authorization
  • Virtualization—Hyper-V
  • Security event logs
  • System integrity and patch management

Windows Security Audit Planning and Data Collection

  • Tools, techniques, and references for CyberAudits of Windows server and Active Directory CyberSecurity

Additional Information

Who Should Attend

IT Auditors, Operational Auditors
Information Security Managers, Analysts, and Architects
System Administrators

Learning Level



Group Live



Advanced Preparation


Recommended Prerequisites

CyberAudits of Identity and Access Control Management (CY01) or equivalent training. A basic understanding of IT audit controls and terminology is assumed.

Session Duration

On Site: 3 days

CPE Credits: 27

Questions? Contact us

Phone: +1 (781) 784-4390
Email: fill out form below

    [recaptcha size:compact class:captcha]