Securing Windows Server 2016 (70-744)

(70-744)/ISBN:978-1-64459-101-7

This course includes
Lessons
TestPrep
Hand-on Lab

Start your prep for the MCSE 70-744 certification exam in your first attempt with the Securing Windows Server 2016 (70-744) course and lab. The lab comes with a well-organized component library for every task. The MCSE training course and lab completely cover the 70-744 exam objectives and help you master the skills required to secure a virtualization infrastructure, implement server hardening solutions, secure network infrastructure, manage privileged identities, and implement threat detection solutions and workload-specific security.

Here's what you will get

The MCSE certification is one of many Microsoft certifications that may be obtained by passing a set of exams designed to test proficiency on a combination of complementary Microsoft products. MCSE certifications address a wide spectrum of knowledge in the mitigation of malware, spyware, and other threats that can compromise the security and integrity of any organization's data.

Lessons

16+ Lessons | 190+ Quizzes | 197+ Flashcards | 197+ Glossary of terms

TestPrep

40+ Pre Assessment Questions | 2+ Full Length Tests | 40+ Post Assessment Questions | 80+ Practice Test Questions

Hand on lab

58+ LiveLab | 58+ Video tutorials | 01:32+ Hours

Here's what you will learn

Download Course Outline

Lessons 1: Preface

  • The Microsoft Official Academic Course Program

Lessons 2: Configuring Disk and File Encryption

  • Using Encryption to Protect Data
  • Deploying and Configuring BitLocker
  • Deploying and Configuring EFS
  • Managing EFS and BitLocker Certificates
  • Skill Summary
  • Business Case Scenarios

Lessons 3: Implementing Server Patching and Updating Solutions

  • Managing Updates Using WSUS
  • Implementing Windows Server Update Services (WSUS) Solutions
  • Skill Summary
  • Business Case Scenarios

Lessons 4: Implementing Malware Protection and Protecting Credentials

  • Implementing an Antimalware Solution with Windows Defender
  • Using AppLocker to Manage Applications
  • Implementing Windows Security Features
  • Implementing NT Lan Manager (NTLM) Blocking
  • Skill Summary
  • Business Case Scenarios

Lessons 5: Creating Security Baselines

  • Creating Security Baselines with Microsoft Security Compliance Toolkit
  • Skill Summary
  • Business Case Scenarios

Lessons 6: Securing Virtual Machines with Guarded Fabric and Shielding VMs

  • Implementing a Guarded Fabric Solution
  • Implementing Shielded and Encrypted-Supported VMs
  • Skill Summary
  • Business Case Scenarios

Lessons 7: Configuring Windows Firewall and a Software-Defined Datacenter Firewall

  • Configuring Windows Firewall
  • Implementing a Software-Defined Distributed Firewall
  • Skill Summary
  • Business Case Scenarios

Lessons 8: Securing Network Traffic

  • Configuring IPSec Policies
  • Securing SMB Protocol
  • Configuring Security for DNS
  • Installing and Configuring MMA to Analyze Network Traffic
  • Skill Summary
  • Business Case Scenarios

Lessons 9: Implementing Privilege Access Management and Administrative Forests

  • Implementing Enhanced Security Administrative Environment (ESAE)
  • Implementing Just-In-Time (JIT) Administration
  • Skill Summary
  • Business Case Scenarios

Lessons 10: Implementing Just-Enough-Administration (JEA)

  • Implementing Just-Enough-Administration (JEA)
  • Skill Summary
  • Business Case Scenarios

Lessons 11: Implementing Privileged Access Workstations, Loc...ord Solution (LAPS), and User Rights Assignments

  • Understanding the Principle of Least Privilege
  • Running Programs as an Administrator
  • Implementing Privileged Access Workstations (PAWs)
  • Implementing Local Administrator Password Solutions (LAPS)
  • Skill Summary
  • Business Case Scenarios

Lessons 12: Configuring Advanced Audit Policies

  • Configuring Advanced Audit Policies
  • Skill Summary
  • Business Case Scenarios

Lessons 13: Installing and Configuring Microsoft Advanced Threat Analytics (ATA)

  • Implementing Microsoft Advanced Threat Analytics (ATA)
  • Skill Summary
  • Business Case Scenarios

Lessons 14: Determining Threat Detection Solutions Using Operations Management Suite (OMS)

  • Determining Threat Detection Solutions Using OMS
  • Skill Summary
  • Business Case Scenarios

Lessons 15: Securing Application Development and Server Workload Infrastructure

  • Implementing Windows PowerShell Desired State Configuration (DSC)
  • Installing and Configuring Windows Nano Server
  • Installing and Configuring Windows Containers
  • Skill Summary
  • Business Case Scenarios

Lessons 16: Implementing a Secure File Services Infrastructure and Dynamic Access Control (DAC)

  • Using File Server Resource Manager
  • Supporting Work Folders
  • Using Dynamic Access Control
  • Configuring File Management Tasks
  • Skill Summary
  • Business Case Scenarios

Hands-on LAB Activities

Configuring Disk and File Encryption

  • Deploying BitLocker Without TPM
  • Installing the Network Unlock Feature
  • Installing BitLocker
  • Enabling BitLocker to Use Secure Boot
  • Enabling VM Security Options
  • Configuring Group Policy Settings for Network Unlock
  • Encrypting a Folder or File Using EFS
  • Adding Recovery Agents for EFS

Implementing Server Patching and Updating Solutions

  • Configuring Automatic Updates Using Group Policies
  • Installing a WSUS Server
  • Creating a GPO to Enable AutoUpdate for Client Computers

Implementing Malware Protection and Protecting Credentials

  • Scheduling a Windows Defender Scan
  • Configuring Windows Defender with GPOs
  • Configuring Windows Defender Scans Using Windows PowerShell
  • Creating Code Integrity Policy Rules
  • Enabling Credential Guard Using Regedit
  • Exporting the Local Policy
  • Creating an AppLocker Rule
  • Getting AppLocker File Information Using Windows PowerShell
  • Enabling a Virtual Machine Secure Boot and TPM
  • Enabling Device Guard

Creating Security Baselines

  • Backing Up GPOs

Securing Virtual Machines with Guarded Fabric and Shielding VMs

  • Installing the HGS Role
  • Creating a Generation 2 Virtual Machine
  • Enabling a Virtual Machine Secure Boot and Shielding

Configuring Windows Firewall and a Software-Defined Datacenter Firewall

  • Creating an Outbound Rule
  • Creating an Inbound Rule
  • Creating an Authentication Exemption Rule
  • Exporting a Firewall Policy
  • Creating a Firewall Rule Using PowerShell
  • Importing a Windows Firewall Rule into a Group Policy Object
  • Enabling the ICMP Traffic on the Sending Host
  • Creating the Required AD DS Security Groups

Securing Network Traffic

  • Creating a New GPO for Domain Isolation
  • Adding an IPsec Policy Rule
  • Enabling SMB Encryption
  • Configuring DNSSEC on an Active Directory Integrated Zone

Implementing Just-Enough-Administration (JEA)

  • Enabling PowerShell Module and Script Block Logging
  • Creating and Configuring a Session-Configuration File

Implementing Privileged Access Workstations, Loc...ord Solution (LAPS), and User Rights Assignments

  • Running Programs as an Administrator
  • Configuring User Rights Assignment
  • Enabling Restricted Admin and Windows Defender Remote Credential Guard Using Registry Editor
  • Turning on Windows Defender Remote Credential Guard by Using Group Policy

Configuring Advanced Audit Policies

  • Implementing an Audit Policy
  • Auditing Files and Folders
  • Enabling Dynamic Access Control Resources
  • Defining Global Object Access Auditing
  • Configuring the Monitoring of Removable Storage Devices

Securing Application Development and Server Workload Infrastructure

  • Installing and Configuring a Nano Server
  • Installing Windows Containers

Implementing a Secure File Services Infrastructure and Dynamic Access Control (DAC)

  • Installing File Server Resource Manager
  • Creating a Quota Template
  • Creating a File Screen
  • Creating File Groups
  • Creating a File Screen Template
  • Installing Work Folders
  • Enabling DAC for AD DS
  • Configuring Access-Denied Remediation

Exam FAQs

There are no technical prerequisites for this certification.

USD 165

The exam contains 40-60 questions.

120 minutes

The passing score varies from exam to exam and is provided on the score report.

General Microsoft Certification exam retake policy

  • If a candidate does not achieve a passing score on an exam the first time, the candidate must wait 24 hours before retaking the exam. At that time, candidates can log onto their certification dashboard and reschedule the exam themselves.
  • If a candidate does not achieve a passing score the second time, the candidate must wait at least 14 days before retaking the exam a third time.
  • A 14-day waiting period is also imposed between the third and fourth attempts and fourth and fifth attempts.
  • A candidate may not take a given exam any more than five times per year (12 months). This 12-month period starts from the first attempt. The candidate is eligible to retake the exam 12 months from the date of their first attempt.
  • To take a given exam more than five times per year or to have the time between attempts waived, a candidate must have experienced one of the errors listed below and request an exception from Microsoft. Requests should be sent to mlsecure@microsoft.com. These requests must include the following information:
    • Candidate ID
    • First/Last Name
    • Email associated with your Candidate ID
    • Exam Registration ID
    • Exam Number
    • Description of error
    • Pearson VUE case number

Exam retake exceptions will be granted for the following reasons:

  • Failure due to lab crash
  • Failure due to Internet connectivity issues
  • Failure due to equipment failure

For life