• Online, Self-Paced
Course Description

As a security operations person, you'll need to tailor your methods to suit the operating system your working with. This course covers some of the core competencies required to conduct offensive security operations against a Windows environment.

Throughout this course, you'll learn how to recognize the differences between various Windows versions. You'll examine the role of intrusion detection systems (IDS) and intrusion prevention systems (IPS) in a Windows environment. You'll then learn about the MITRE ATT&CK framework and how it relates to Windows intrusions and identify the different Windows logging mechanisms.

Next, you'll practice using event logging, basic PowerShell commands, and the Windows Registry. You'll then explore how the Windows hashing algorithm works and practice cracking an NTLM hash value. Lastly, you'll investigate different data artifacts within Windows and outline how best to work with Active Directory and Kerberos.

Learning Objectives

{"discover the key concepts covered in this course"}

Framework Connections