Database & Operating System Security Courses
SQL Server Security, Linux Security, Windows Server Security, Microsoft 365 & Windows 10 Security
SQL Server Administration and Security
5 Days
This course provides students who administer, maintain, and secure SQL Server databases with the knowledge and skills to administer and secure a SQL server database infrastructure. Prerequisites not required.
Course Outline
Assigning Server and Database Roles
- Working with Server Roles
- Working with Fixed Database Roles
- Defined Database Roles
Authorizing Users to Access Resources
- Authorizing User Access to Objects
- Authorizing Users to Execute Code
- Configuring Permissions at the Schema Level
Protecting Data with Encryption and Auditing
- Options for auditing data access in SQL Server
- Implementing SQL Server Audit
- Managing SQL Server Audit
- Protecting Data with Encryption
Recovery Models and Backup Strategies
- Understanding Backup Strategies
- SQL Server Transaction Logs
- Planning Backup Strategies
Backing Up SQL Server Databases
- Backing Up Databases and Transaction Logs
- Managing Database Backups
- Advanced Database Options
Restoring SQL Server Databases
- Understanding the Restore Process
- Restoring Databases
- Advanced Restore Scenarios
- Point-in-Time Recovery
SQL Server Management
- Automating SQL Server management
- Working with SQL Server Agent
- Managing SQL Server Agent Jobs
- Multi-server Management
Configuring Security for SQL Server Agent
- Understanding SQL Server Agent Security
- Configuring Credentials
- Configuring Proxy Accounts
Monitoring SQL Server with Alerts and Notifications
- Monitoring SQL Server Errors
- Configuring Database Mail
- Operators, Alerts, and Notifications
- Alerts in Azure SQL Database
Introduction to Managing SQL Server By Using PowerShell
- Getting Started Windows PowerShell
- Configure SQL Server using PowerShell
- Administer and Maintain SQL Server with PowerShell
- Managing Azure SQL Databases using PowerShell
Monitoring SQL Server
- Monitoring activity
- Capturing and Managing Performance Data
- Analyzing Collected Performance Data
Importing and Exporting Data
- Transferring Data to and from SQL Server
- Importing and Exporting Table Data
- Using bcp and BULK INSERT to Import Data
- Deploying Data-Tier Applications
Threat Analysis and Compliance
- Threat Modeling
- Identifying Assets
- Creating and Architecture Overview
- Creating a Security Profile
- Identifying Threats
- Rating Threats
- Creating Countermeasures
- Compliance Considerations
- Introducing SOX for SQL Server
- Introducing GDPR for SQL Server
SQL Server Security Model
- Security Principal Hierarchy
- Instance Level Security
- Logins
- Server Roles
- Credentials
- Database-Level Security
- Users
- Database Roles
SQL Server Audit
- Audit Actions and Action Groups
- Implementing SQL Server Audit
- Creating a Server Audit
- Creating a Server Audit Specification
- Creating a Database Audit Specification
- Creating Custom Audit Events
- Raising the Event
Data-Level Security
- Schemas
- Ownership Chaining
- Impersonation
- Row-Level Security
- Security Predicates
- Security Policies
- Implementing RLS
- Dynamic Data Masking
Encryption in SQL Server
- Generic Encryption Concepts
- Defense in Depth
- Symmetric Keys
- Asymmetric Keys
- Certificates
- Self-Signed Certificates
- Windows Data Protection API
SQL Server Encryption Concepts
- Master Keys
- EKM and Key Stores
- SQL Server Encryption Hierarchy
Encrypting Data
- Encrypting Data with a Password or Passphrase
- Encrypting Data with keys and Certificates
Transparent Data Encryption
- Considerations for TDE with Other Technologies
- Implementing TDE
- Administering TDE
Always Encrypted
- Implementing Always Encrypted
Red Hat Linux Security
5 days
This hands-on course is designed for security administrators and system administrators who need to manage the secure operation of servers running Red Hat® Enterprise Linux®, whether deployed on physical hardware, as virtual machines, or as cloud instances. Maintaining security of computing systems is a process of managing risk through the implementation of processes and standards backed by technologies and tools. In this course, you will learn about resources that can be used to help you implement and comply with your security requirements. Prerequisites: Red Hat Certified Engineer or demonstrate equivalent Red Hat Enterprise Linux knowledge and experience.
Course summary
- Manage compliance with OpenSCAP.
- Enable SELinux on a server from a disabled state, perform basic analysis of the system policy, and mitigate risk with advanced SELinux techniques.
- Proactively identify and resolve issues with Red Hat Insights.
- Monitor activity and changes on a server with Linux Audit and AIDE.
- Protect data from compromise with USBGuard and storage encryption.
- Manage authentication controls with PAM.
- Manually apply provided Ansible Playbooks to automate mitigation of security and compliance issues.
- Scale OpenSCAP and Red Hat Insights management with Red Hat Satellite and Red Hat Ansible Tower.
Course Outline
- Manage security and risk
- Define strategies to manage security on Red Hat Enterprise Linux servers.
- Automate configuration and remediation with Ansible
- Remediate configuration and security issues with Ansible Playbooks.
- Protect data with LUKS and NBDE
- Encrypt data on storage devices with LUKS and use NBDE to manage automatic decryption when servers are booted.
- Restrict USB device access
- Protect system from rogue USB device access with USBGuard.
- Control authentication with PAM
- Manage authentication, authorization, session settings, and password controls by configuring pluggable authentication modules (PAMs).
- Record system events with audit
- Record and inspect system events relevant to security, using the Linux kernel's audit subsystem and supporting tools.
- Monitor file system changes
- Detect and analyze changes to a server's file systems and their contents using AIDE.
- Mitigate risk with SELinux
- Improve security and confinement between processes by using SELinux and advanced SELinux techniques and analyses.
- Manage compliance with OpenSCAP
- Evaluate and remediate a server's compliance with security policies by using OpenSCAP.
- Automate compliance with Red Hat Satellite
- Automate and scale your ability to perform OpenSCAP checks and remediate compliance issues using Red Hat Satellite.
- Analyze and remediate issues with Red Hat Insights
- Identify, detect, and correct common issues and security vulnerabilities with Red Hat Enterprise Linux systems by using Red Hat Insights.
- Perform a comprehensive review
- Review the content covered in this course by completing hands-on review exercises.
Windows Server Security
5 days
Students should have at least two years of experience in the IT field and should have: a solid, practical understanding of networking fundamentals, including TCP/IP, User Datagram Protocol (UDP), and Domain Name System (DNS); a solid, practical understanding of Active Directory Domain Services (AD DS) principles; a solid, practical understanding of Microsoft Hyper-V virtualization fundamentals; and an understanding of Windows Server security principles.
After completing this course, students will be able to:
- Secure Windows Server.
- Secure application development and a server workload infrastructure.
- Manage security baselines.
- Configure and manage just enough and just-in-time (JIT) administration.
- Manage data security.
- Configure Windows Firewall and a software-defined distributed firewall.
- Secure network traffic.
- Secure your virtualization infrastructure.
- Manage malware and threats.
- Configure advanced auditing.
- Manage software updates.
- Manage threats by using Advanced Threat Analytics (ATA) and Microsoft Operations Management Suite (OMS).
Course Outline
- Breach detection and using the Sysinternals tools
- Protecting credentials and privileged access
- Limiting administrator rights with Just Enough Administration
- Privileged Access Management and administrative forests
- Mitigating malware and threats
- Analyzing activity by using advanced auditing and log analytics
- Analyzing activity with Microsoft Advanced Threat Analytics feature and Operations Management Suite
- Securing your virtualization an infrastructure
- Securing application development and server-workload infrastructure
- Limiting access to file and folders
- Using firewalls to control network traffic flow
- Securing network traffic
- Updating Windows Server
Microsoft 365 and Windows 10 Security Administration
4 days with exam MS-500
Prerequisites: Basic conceptual understanding of Microsoft Azure; experience with Windows 10 devices; experience with Office 365; basic understanding of authorization and authentication; basic understanding of computer networks; and working knowledge of managing mobile devices.
In this course you will learn how to secure user access to your organization’s resources. The course covers user password protection, multi-factor authentication, how to enable Azure Identity Protection, how to setup and use Azure AD Connect, and introduces you to conditional access in Microsoft 365.
You will learn about threat protection technologies that help protect your Microsoft 365 environment. Specifically, you will learn about threat vectors and Microsoft’s security solutions to mitigate threats. You will learn about Secure Score, Exchange Online protection, Azure Advanced Threat Protection, Windows Defender Advanced Threat Protection, and threat management. In the course you will learn about information protection technologies that help secure your Microsoft 365 environment.
The course discusses information rights managed content, message encryption, as well as labels, policies and rules that support data loss prevention and information protection. Lastly, you will learn about archiving and retention in Microsoft 365 as well as data governance and how to conduct content searches and investigations. This course covers data retention policies and tags, in-place records management for SharePoint, email retention, and how to conduct content searches that support eDiscovery investigations.