34. Configure authentication policies silos Let’s talk about the concept of authentication policy silos. So, these are basically an authentication policy style is basically a container that allows administrators to assign specific user accounts, computer accounts, or even service accounts. And then using a policy, the admin can control that, that those user accounts can only authenticate to certain devices like certain other servers. For example, imagine if I had a user that is like, maybe, it’s like a service account or something […]
32. Manage account security on a read-only domain controller (RODC) Now I’d like to show you a couple of different ways that we could set up a RODC. All right. A read-only domain controller. The first method I’m going to show you is known as just prestaging a RODC server. Now, this is the way you would do things if you have not set up a server yet, that’s going to be your RODC server, but you plan on setting up a server […]
29. Configure password policies Now, when it comes to managing your password requirements inside of AD DS, Active Directory Domain Services, that is going to be done by group policies. All right. And you’re going to do that on a domain controller. And the domain controller is going to have a tool that is going to let you go in and edit your group policy objects, and you’re going to set your password requirements based on that. So, first order of business, of […]
24. Activating a free trial for Windows Defender for Endpoint Let’s talk about setting up Defender for Endpoint. If I go here to Google and I just do a search for Microsoft Defender for Endpoint, Microsoft has information about their Defender for Endpoint. Here is the learn article about that. And they basically tell you that Defender for Endpoint is going to allow you in the cloud to control your endpoints, your Windows-based machines, and from there your Windows-based machines can act as […]
Section 3: Secure Windows Server operating system 22. Configure and manage exploit protection I’d now like to spend some time talking about Windows Exploit Protection. This is a feature that’s been around since about 2018. Microsoft started really pushing the defender security capabilities that Windows supports and Exploit Protection is an additional layer of protection that stacks on top of what defender offers in the Windows environment. This is both supported by the server operating systems as well as your Windows client operating […]
153. Implementing Windows file permissions So, I want to show a little demonstration now of working with Windows Permissions on our file system, so first thing I have to do is open up File Explorer and go to my C drive and it’s going to create a folder called sales data. OK. And from there, we will just create a text file here called Docs. OK? Or actually just doc. OK. And so from there, you know, I’m going to look at the […]
151. Configure file systems Let’s take a look now at configuring the different file systems we can set up here on Windows Server, so here we are in Hyper-V. I’m just going to add an additional virtual hard drive to my NYC DC one, so, I’m going to right click or settings right here to my scuzzy controller and I’ll add a hard drive new, all right, dynamically expanding. And we’re just going to call this new data disk. Click next. OK, we […]
149. Configure Storage Quality of Service (QoS) So the next feature I’d like to talk about is a feature known as storage que os. Now, if you’re not familiar with QC, that’s quality of service. And pretty much anytime you hear that in it, it’s going to be related to prioritization of something, whether it’s network bandwidth or, in our case, storage. So storage quality service is something we can use in conjunction with virtual machines to help control the amount of bandwidth […]
