• Online, Self-Paced

Discover advanced threat detection solutions for your Windows computing systems. In this course, you will examine the protective tools and features offered by Microsoft. Topics include the following: how to configure and use local and advanced audit policies, how to configure group policies such as AuditPol.exe, and the Audit PNP activity policy; how to enable and configure module, script block, and transcription logging in Windows PowerShell. Other topics include how to configure AutoGateway and Microsoft Advanced Threat Analytics, as well as how to review and edit suspicious activities on the attack time line. Finally, you will explore how to deploy and use OMS for log analytics, auditing, and security functions.

Learning Objectives

{"configure advanced audit policies"}

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.