Windows Environments

IT Security    |    Beginner
  • 16 videos | 1h 31m 4s
  • Includes Assessment
  • Earns a Badge
Likes 18 Likes 18
As a security operations person, you'll need to tailor your methods to suit the operating system your working with. This course covers some of the core competencies required to conduct offensive security operations against a Windows environment. Throughout this course, you'll learn how to recognize the differences between various Windows versions. You'll examine the role of intrusion detection systems (IDS) and intrusion prevention systems (IPS) in a Windows environment. You'll then learn about the MITRE ATT&CK framework and how it relates to Windows intrusions and identify the different Windows logging mechanisms. Next, you'll practice using event logging, basic PowerShell commands, and the Windows Registry. You'll then explore how the Windows hashing algorithm works and practice cracking an NTLM hash value. Lastly, you'll investigate different data artifacts within Windows and outline how best to work with Active Directory and Kerberos.


  • discover the key concepts covered in this course
    recognize the standard security features and controls placed on Windows hosts
    identify different Windows Server operating systems and their various uses within the environment
    recognize the role of intrusion detection systems (IDS) and intrusion prevention systems (IPS) within a Windows environment
    outline the MITRE ATT&CK framework and how it relates to Windows intrusions
    identify the location of command Windows-based logs and the event viewer
    view Windows event logging in action
    name the various user and service accounts within a Windows Active Directory environment
  • use basic Windows and PowerShell commands
    outline how NTFS and Active Directory permissions work and some of their common misconfigurations
    describe the hashing algorithm used to store Windows passwords
    crack an NTLM hash value using several tools
    use the Windows Registry and recognize the different artifacts contained within
    list and describe various artifacts created within the Windows operating system
    outline how Kerberos works and some common Active directory misconfigurations
    summarize the key concepts covered in this course


  • 1m 49s
  • 8m 44s
  • Locked
    3.  Windows Server Operating System Types
    5m 58s
  • Locked
    4.  Intrusion Detection and Prevention in Windows
    5m 19s
  • Locked
    5.  The MITRE ATT&CK Framework and Windows Intrusions
    5m 38s
  • Locked
    6.  The Logging Features in Windows
    6m 2s
  • Locked
    7.  Viewing Event logging
    5m 12s
  • Locked
    8.  The Different Windows Account Types
    5m 29s
  • Locked
    9.  Using Windows Commands
    6m 46s
  • Locked
    10.  How Windows Permissions Work
    4m 40s
  • Locked
    11.  NT (New Technology) LAN Manager (NTLM) in Windows
    2m 55s
  • Locked
    12.  Cracking an NTLM Hash
    9m 59s
  • Locked
    13.  Using the Windows Registry
    8m 40s
  • Locked
    14.  Artifacts Found in Windows OS
    5m 5s
  • Locked
    15.  How Active Directory and Kerberos Work
    7m 19s
  • Locked
    16.  Course Summary
    1m 29s


Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.