Master Class: Securing Active Directory Deep Dive LEVEL 2

Master Class: Securing Active Directory Deep Dive LEVEL 2SADDD-L2MTMaster ClassMT-SADDD-L21.0In this master class course LEVEL 2, the topic of Active Directory security is once again immensely deepened. Want to make your crown jewels even more secure? Is your environment critical or are you in the "SupplyChain"? Or are you even bound to secrecy? No problem: We will show you how to secure your environment extremely. After more than 100 trainings in this area, this course was created as a worthy successor to the well-known and highly booked MasterClass Active Directory Security. That's why: Understand, harden and monitor so you can sleep better.At least 5 years of experience with Active Directory and client systems Prior attendance of the <a class="fl-href-prod" href="/swisscom/en/course/masterclass-saddd-l1"><svg role="img" aria-hidden="true" focusable="false" data-nosnippet class="cms-linkmark"><use xlink:href="/css/img/icnset-linkmarks.svg#linkmark"></use></svg>Master Class: Securing Active Directory Deep Dive (SADDD-L1)</a> course is REQUIRED AND must be verified.This course is designed for experienced system administrators, consultants and Active Directory designers. After this seminar, you will be able to design, implement and consult on Active Directory in a highly secure manner.<ul> <li>Review of best practices from the MasterClass Securing Active Directory FastPass.</li><li>LAPS for domain controllers - does NOT work - but it does! We show you how to secure the DSRM password rolling and encrypted incl. password history!</li><li>DSRM-User: From emergency administrator to domain admin: What a simple registry hack can do and what you should do about it...</li><li>Unified Write Filter - a completely unknown solution for Windows 10/11 clients: Kiosk mode for professionals and for Privileged Admin Workstation - PAWs with "sheriff cards")</li><li>Multi-tenant Active Directory - how to hide organizational units (Ous) for administrators who should not see them: Object List No one dares to do it - how to show you how to do it and how the pros do it!</li><li>MBAM & Bitlocker: Bitlocker on Steroids Microsoft BitLocker Administration and Monitoring 2.5 - even if the extended support ends in 2026 - MBAM is absolutely worth a look!</li><li>Hiding TIER-0 admins via Powershell What I can't see, I can't attack.... How to hide your crown jewels...</li><li>Bloodhound: Hunting for Privileges Install and use Bloodhound - let's hunt for privileges!</li><li>PAM feature with Server 2016: JEA & JIT Just enough Administration with JustInTime Administration With Server 2016 came - for most undiscovered - the PAM feature: Privileged Access Management for Users: Time-to-Live for Administrators who manage the Tickets</li><li>When it should be less: Authentication Silos & Authentication Policies Who, How, Where, and When...</li><li>Build, maintain and administer tier models en detail Tier and ESAE model in practice.</li><li>Windows Defender for Identity</li><li>Lithnet Active Directory Password Protection</li><li>DNS-SEC - Run DNS in a highly secure way Trust-Anchors DNS over https ( DoH )</li><li>SMB encryption AES 256 Operate SMB highly secure</li><li>UNC Hardening</li><li>From DNS-Admin to DomainAdmin How to go from small to big...</li><li>LocalAccountTokenFilterPolicy</li><li>LDAP-S, signing and channel binding What exactly is it about and why LDAP-S is not LDAP-signing...</li><li>LDAP-S and SSL V2, V3 and TLS V1 - what then now LDAP-S en detail</li><li>"Notes from the field - our experience from 10 years of hardening Active Directory <ul> <li>LAPS</li><li>Protected Users</li><li>KRBTGT Reset</li><li>PingCastle</li></ul></li><li>Questions from the participants</li></ul><h4>Your Trainer</h4>The Advanced Master Class was developed by Andy Wendel and is delivered by himself and his experienced team. Andy Wendel is a Senior Data Center and Cloud Architect and Certified Security Master Specialization Advanced Windows Security. He was and is trained by the internationally renowned security experts <a class="cms-href-ext" href="http://cqure.pl/paula-januszkiewicz/" data-cms-evt-click="Outbound Links;click;http://cqure.pl/paula-januszkiewicz/">Paula Januszkiewicz</a> and <a class="cms-href-ext" href="https://www.samilaiho.com/?/" data-cms-evt-click="Outbound Links;click;https://www.samilaiho.com/?/">Sami Laiho</a>. This certification is renewed every year. Andy Wendel has been working as an IT trainer and consultant since the late 1990s and is also a Certified Microsoft Learning Consultant (MCLC). Worldwide, Microsoft has only awarded 56 Certified Learning Consultants.In this master class course LEVEL 2, the topic of Active Directory security is once again immensely deepened. Want to make your crown jewels even more secure? Is your environment critical or are you in the "SupplyChain"? Or are you even bound to secrecy? No problem: We will show you how to secure your environment extremely. After more than 100 trainings in this area, this course was created as a worthy successor to the well-known and highly booked MasterClass Active Directory Security. That's why: Understand, harden and monitor so you can sleep better.At least 5 years of experience with Active Directory and client systems Prior attendance of the Master Class: Securing Active Directory Deep Dive (SADDD-L1) course is REQUIRED AND must be verified.This course is designed for experienced system administrators, consultants and Active Directory designers. After this seminar, you will be able to design, implement and consult on Active Directory in a highly secure manner.- Review of best practices from the MasterClass Securing Active Directory FastPass. - LAPS for domain controllers - does NOT work - but it does! We show you how to secure the DSRM password rolling and encrypted incl. password history! - DSRM-User: From emergency administrator to domain admin: What a simple registry hack can do and what you should do about it... - Unified Write Filter - a completely unknown solution for Windows 10/11 clients: Kiosk mode for professionals and for Privileged Admin Workstation - PAWs with "sheriff cards") - Multi-tenant Active Directory - how to hide organizational units (Ous) for administrators who should not see them: Object List No one dares to do it - how to show you how to do it and how the pros do it! - MBAM & Bitlocker: Bitlocker on Steroids Microsoft BitLocker Administration and Monitoring 2.5 - even if the extended support ends in 2026 - MBAM is absolutely worth a look! - Hiding TIER-0 admins via Powershell What I can't see, I can't attack.... How to hide your crown jewels... - Bloodhound: Hunting for Privileges Install and use Bloodhound - let's hunt for privileges! - PAM feature with Server 2016: JEA & JIT Just enough Administration with JustInTime Administration With Server 2016 came - for most undiscovered - the PAM feature: Privileged Access Management for Users: Time-to-Live for Administrators who manage the Tickets - When it should be less: Authentication Silos & Authentication Policies Who, How, Where, and When... - Build, maintain and administer tier models en detail Tier and ESAE model in practice. - Windows Defender for Identity - Lithnet Active Directory Password Protection - DNS-SEC - Run DNS in a highly secure way Trust-Anchors DNS over https ( DoH ) - SMB encryption AES 256 Operate SMB highly secure - UNC Hardening - From DNS-Admin to DomainAdmin How to go from small to big... - LocalAccountTokenFilterPolicy - LDAP-S, signing and channel binding What exactly is it about and why LDAP-S is not LDAP-signing... - LDAP-S and SSL V2, V3 and TLS V1 - what then now LDAP-S en detail - "Notes from the field - our experience from 10 years of hardening Active Directory - LAPS - Protected Users - KRBTGT Reset - PingCastle - Questions from the participants Your Trainer The Advanced Master Class was developed by Andy Wendel and is delivered by himself and his experienced team. Andy Wendel is a Senior Data Center and Cloud Architect and Certified Security Master Specialization Advanced Windows Security. He was and is trained by the internationally renowned security experts Paula Januszkiewicz (http://cqure.pl/paula-januszkiewicz/) and Sami Laiho (https://www.samilaiho.com/?/). This certification is renewed every year. Andy Wendel has been working as an IT trainer and consultant since the late 1990s and is also a Certified Microsoft Learning Consultant (MCLC). Worldwide, Microsoft has only awarded 56 Certified Learning Consultants.3 days3800.003800.003800.004135.00599.003160.005710.003890.003890.003890.003890.003890.00