CyberOps Windows Hardening: Windows Workstation Hardening Best Practices


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

If successful in exploiting your Windows workstations, hackers could move laterally across the network to compromise other assets like your servers and databases, which contain sensitive information.

In this course, you'll learn how to protect your Windows workstations by following standard operating system hardening procedures to reduce the attack surface and help prevent a security compromise.

You'll learn how to secure a workstation by implementing hardening procedures related to the BIOS/UEFI. You'll carry out user account and group membership security strategies. You'll practice reducing unneeded software, patching the system, configuring user rights, and setting up auditing.

Additionally, you'll work with full disk encryption, antivirus methods, firewall software, and security templates. To carry out this work, you'll utilize BitLocker, AppLocker, and Windows Defender.



Expected Duration (hours)
1.5

Lesson Objectives

CyberOps Windows Hardening: Windows Workstation Hardening Best Practices

  • discover the key concepts covered in this course
  • list common BIOS/UEFI settings used to help secure a Windows system
  • demonstrate how to harden user accounts on a Windows workstation
  • demonstrate how to restrict the software that can run on a Windows workstation using an AppLocker policy
  • demonstrate how to uninstall unneeded Windows components and harden Windows services on a Windows workstation
  • illustrate the importance of patching a Windows system
  • demonstrate how to create a password policy on a Windows workstation to prevent dictionary attacks
  • demonstrate how to create an account lockout policy on a Windows workstation to prevent brute force attacks
  • demonstrate how to manipulate Windows user rights
  • demonstrate how to implement full disk encryption with BitLocker
  • demonstrate how to use BitLocker To Go to encrypt removable media
  • demonstrate the configuration of Windows Defender as antimalware
  • demonstrate how to configure auditing on a Windows workstation
  • demonstrate the use of security templates on a Windows system
  • summarize the key concepts covered in this course

    • Course Number:
    it_cywnhddj_02_enus

    Expertise Level
    Beginner