Overview
PowerShell is a task management framework that allows systems administrators to configure and automate tasks using a scripting language and a command-line shell. PowerShell’s task automation capabilities enable users to manage and enhance Windows environment security across their organization.
This instructor-led, live training (online or onsite) is aimed at SysAdmins, systems engineers, security architects, and security analysts who wish to write, execute, and deploy PowerShell scripts and commands to automate Windows security management in their organization.
By the end of this training, participants will be able to:
- Write and execute PowerShell commands to streamline Windows security tasks.
- Use PowerShell for remote command execution to run scripts on thousands of systems across an organization.
- Configure and harden Windows Server and Windows Firewall to protect systems from malware and attacks.
- Manage certificates and authentication to control user access and activity.
Format of the Course
- Interactive lecture and discussion.
- Lots of exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
Requirements
- A general understanding of Windows Server and Active Directory concepts
- Familiarity with a command-line shell and a scripting language
Audience
- SysAdmins
- Systems engineers
- Security architects
- Security analysts
Course Outline
Introduction
Overview of Windows Security Using PowerShell Automation
Getting Started with PowerShell Automation
Using PowerShell Features for Windows Security
Writing PowerShell Scripts, Functions, and Modules
Executing PowerShell Commands and Scripts
Passing Arguments and Piping Data for PowerShell Scripts
Running Remote Command Shells
Integrating PowerShell Core with OpenSSH on Windows
Exploring PowerShell Just Enough Admin (JEA)
Deploying PowerShell, Group Policy, and Task Scheduler
Using PowerShell for Windows Management Instrumentation (WMI)
Using PowerShell for Active Directory Queries and Management
Server Hardening Automation with AppLocker Using PowerShell
Managing Windows Firewall Using PowerShell Scripting
Using IPsec to Share Permissions for Listening Ports
Working with PowerShell Transcription Logging, Windows Event Logs, and Namespace Auditing
Using Certificate Authentication and TLS Encryption
Configuring Public Key Infrastructure and Windows Certificates
Employing Multi-Factor Authentication Using Smart Cards and Tokens
Learning About Security Best Practices
Signing PowerShell Scripts Digitally
Writing a PowerShell Ransomware Script
Blocking Hackers and Ransomware Using Various Security Methods
Mitigating Kerberos Attacks, Remote Desktop Protocol Attacks, Security Access Token Abuse, and More
Deploying Anti-Exploitation Defenses for PowerShell
Summary and Conclusion