Hands-On Training - Summer 2023 Auditing Active Directory, Azure and Windows

Starts:  Jun 21, 2023 09:00 (ET)
Ends:  Jun 23, 2023 17:00 (ET)
Associated with  New York Metropolitan Chapter

The final class registration day will be closed on June 15 2023 at 08:30 pm. No exceptions are made.

Note:  Due to COVID-19 This event will be online only
" Please register for this class using the private email address (Gmail, yahoo, AOL, Hotmail address) and not your organizations' email address.
Many organizations block emails with attachments and block webex

Dates and Times: All times are New York time (Eastern Standard Time). Please click here to check the time and date in your location. 

Wednesday to Friday June 21st, 22nd, 23rd,  2023    9:00 AM - 5:00 PM EST

Prerequisite: Anyone who are interested in this topic

Benefits of this class:
Overview:  This 3-day course focuses on identifying the risks that are specific to an Active Directory and Windows environment. Controls that are needed for Azure and Office 365 will also be considered. The Windows operating system is typically well known and utilized, but can be difficult to secure since there are a large number of security options available. This course provides the tools and techniques to effectively conduct an Active Directory and Windows audit. Hands-on exercises give students the opportunity to conduct an audit on their own Windows system, as well as understand the different security options that Windows provides.

Course outline:

I. Basics
     • Identifying the system
     • Types of Windows systems
     • Registry
     • Resources
     • Windows Command Line Basics
     • Windows Security Features
II. Active Directory
     • LDAP
     • Domain Controllers
     • Global Catalog
     • Azure AD
     • Operations Master Roles (FSMO)
     • Trees and Forests
     • Trusts
     • OUs and Group Policy
     • Delegation of Authority
     • Server Roles
     • DNS
III. Windows as a Server
     • Feature and Quality Updates
     • Servicing Channels
IV. Cloud
     • AD Connect
     • Azure
     • Critical Azure Accounts
     • Controls that should exist in the Microsoft Cloud
     • Commands to get Users, Roles, Settings and other Important Azure Data
     • OneDrive
     • Office 365
     • Commands to get Users, Roles, Settings and other Important Office 365 Data
V. Users and groups
     • Permissions
     • Local and Domain Users
     • Default and Common accounts
     • Controlling access
     • Groups
     • Privileges/Rights
     • Permissions
     • Administrator accounts recommendations
     • Mandatory Integrity Control (MIC)
     • User Account Control (UAC)
VI. Passwords
VII. Patching
VIII. Ports, Services and Applications
     • Services MMC
     • Identifying Ports
     • Softer Restriction Policies
     • AppLocker/Application Control Policies
     • Specific services and applications
     • Server Manager
     • Virus and Malware Protection
     • Office 365
IX. Data Protection
     • Shares
     • Encryption
     • File integrity
     • Security Options
     • Network Access Protection
X. Auditing and logging
XI. Windows specific tools
     • Power Shell
     • SCA
     • Security Templates
     • WMIC

Instructor:  Ms. Tanya Baccam, CPA, CISSP, GCIH, GPPA, GSEC, CISA, CISM, CITP, OCP DBA
Tanya is an experienced information security consultant and senior SANS  instructor. She has consulted with a variety of clients about their security architecture in areas such as perimeter security, network infrastructure design, system audits, Web server security, Web application assessments, risk assessments, penetration testing, and database security. She has played an integral role in developing multiple business applications in roles ranging from the director of assurance services for a security services consulting firm, the manager of infrastructure security for a healthcare organization, and as a  manager at Deloitte. She currently holds CPA, GIAC GCIH, CISSP, CISM,  CITP, CISA, CCNA, and OCP DBA certifications. 

Laptop Required
Students are required to have a laptop in order to complete the hands-on exercises. The laptop should meet the following specifications for the  student to get the most from the exercises:
     • USB Port
     • 8 GB RAM or higher
     • 25 GB available hard drive space
     • Windows 7 professional or later (Home or similar editions will not have some of the features needed.)
     • Administrator privileges including the capability to install and run tools, as well as disable anti-virus
     • VMWare Player should be installed
Who should attend as this course's Target Audience
• Internal Auditors, IT Specialist Auditors, IT Auditors, IT Audit Managers, Information System Auditors, Information System
Managers, Information Technology Auditors, Information Security Officers, Consultants

Course Material: This Will be sent out prior to the class via email.


Important: Anyone who fails to make a payment online will not be considered an attendee. 

CPE Credits: 21     Capacity:  webinar - 25 people.

Live broadcast webinar location: Anywhere in the world
Refund Policy:  100%  Refund before May 22nd 2023.  A refund must be requested in writing and will not be accepted after the said date. Please modify your registration with your confirmation number.  Once class material has been send out and the class has been delivered if one is absent NO REFUND will be granded.

Very Important: 

Anyone who fails to make a payment online will not be considered an attendee. 

  • CPE  credits can be applied toward each ISACA designation that is held. Full  CPE credits will be awarded only if all sections of Preparation classes have been attended.
  • Webinar sessions are not being recorded - it's a live broadcast.
  • You cannot switch between onsite and online sessions once decided if is offered the choices.
  • Webinar access instructions are provided prior to the first day of class.
  • For webinar attendees, For the best result please use the PC, or labtop.