Randy Franklin Smith's
Audit and Assessment of Windows Server

Overview

In this hands-on, 3-day seminar you will learn how each control area of  Windows Server 2003 works, how to centrally manage Windows Server 2003 systems,  and how to determine whether your Windows Server 2003 systems are in compliance  with corporate information security policy without looking at each system. You  will master a methodology for performing a detailed audit of Windows Server. You will be guided through each step of the review, from scope and planning through evidence extraction analysis, to writing your findings. 

Starting with a brief look at Active Directory, you will cover forests, trees, domains, organizational units, user and group administration, user rights, and relationships of local, global and universal groups. In hands-on labs you will perform a combination of administrative- and audit-related tasks to deepen your grasp of Windows security and how to locate risks and inadequate controls. You will also cover each item in Microsoft’s Baseline Security Checklist for Windows Server as well as many additional risks.

You will explore the differences between Windows 2000 and 2003, and how they affect security and audit processes.. You’ll find out about new user rights and other security options added to Windows Server 2003. You will examine the user interface and terminology that have changed significantly between Windows 2000 and 2003 and pinpoint how these changes can cause confusion and faulty conclusions about security controls. You will learn what’s new in Windows Server 2003 R2 and how it affects your audit methodology.

You will also exercise the different control areas in Windows Server 2003, including security logging, account policies, logon controls, permissions, access control lists, user rights, system services and more. You will discover how Windows networks should be centrally secured and controlled using organizational units and Group Policy objects,. You will find out how to use the new Group Policy Management Console to greatly simplify and accelerate evidence collection for Windows Server 2003 audits. In addition, you’ll learn how to take advantage of the growing array of free tools from Microsoft and others for speeding up and performing more effective audits

Next:

• Benefits
• Request detailed course outline or training proposal

 

Upcoming Webinars Web Protection: The Missing Link in the Endpoint Security Chain? File Integrity Monitoring with the Windows Security Log Anatomy of an Attack: What Happened at RSA and What Can We Learn From It? Implementing Virtual Security Cameras to Protect Privileged Access and Enforce Accountability

Additional Resources Security Log Quick Reference Chart Security Log Resource Kit Learn about the SharePoint Audit Log Patch Tuesday Analysis

•	Benefits
•	Outline
•	FAQ
•	Availability