1. Breach Detection and Using the Sysinternals Tools

• Overview of breach detection
• Using the Sysinternals tools to detect breaches

2. Protecting Credentials and Privileged Access

• Understanding user rights
• Computer and service accounts
• Protecting credentials
• Understanding privileged-access workstations and jump servers
• Deploying a local administrator-password solution

3. Limiting Administrator Rights with Just Enough Administration (JEA)

• Understanding JEA
• Configuring and deploying JEA

4. Privileged Access Management and Administrative Forest

• Understanding Enhanced Security Administrative Environment (ESAE) forests
• Overview of Microsoft Identity Manager (MIM)
• Implementing JIT and Privileged Access Management by using MIM

5. Mitigating Malware and Threats

• Configuring and managing Windows Defender
• Using software restricting policies (SRPs) and AppLocker
• Configuring and using Device Guard
• Using and deploying the Enhanced Mitigation Experience Toolkit

6. Analyzing Activity by Using Advanced Auditing and Log Analytics

• Overview of auditing
• Understanding advanced auditing
• Configuring Windows PowerShell auditing and logging

7. Analyzing Activity with Microsoft Advanced Threat Analytics Feature and Operations Management Suite (OMS)

• Overview of Advanced Threat Analytics
• Understanding OMS

8. Securing Your Virtualization and Infrastructure

• Overview of Guarded Fabric VMs
• Understanding shielded and encryption-supported VMs

9. Securing Application Development and Server-Workload Infrastructure

• Using Security Compliance Manager
• Introduction to Nano Server
• Understanding containers

10. Protecting Data with Encryption

• Planning and implementing encryption
• Planning and implementing BitLocker

11. Limiting Access to File and Folders

• Introduction to FSRM
• Implementing classification management and file-management tasks
• Understanding Dynamic Access Control (DAC)

12. Using Firewalls to Control Network Traffic Flow

• Understanding Windows Firewall
• Software-defined distributed firewalls

13. Securing Network Traffic

• Network-related security threats and connection-security rules
• Configuring advanced DNS settings
• Examining network traffic with Microsoft Message Analyzer
• Securing Server Message Block (SMB) traffic, and analyzing SMB traffic

14. Updating Windows Server

• Overview of Windows Server Update Services (WSUS)
• Deploying updates by using WSUS