Description
Audience Profile
This course is intended for IT Professionals that require a deeper understanding of Windows PowerShell security related features and exploits and to increase their knowledge level through a predominately hands-on experience implementing Windows PowerShell security features.
At Course Completion
After completing this course, students will be able to:
- Provide an overview of Windows PowerShell
- Describe PowerShell editions and versions
- Install and use Windows PowerShell and PowerShell Core
- Manage execution of local PowerShell scripts
- Manage remote execution of Windows PowerShell
- Manage remote execution of PowerShell Core
- Describe security implications of using Constrained Language Mode
- Describe the architecture and components of Windows PowerShell DSC
- Recommend Windows PowerShell auditing and logging configuration
- Provide examples of Windows PowerShell-based attacks
- Use Windows PowerShell-based security tools
- Provide an overview of Windows PowerShell-based security-related technologies
- Implement Windows PowerShell logging by using Desired State Configuration (DSC)
- Identify and mitigate Windows PowerShell-based exploits
Prerequisites
In addition to their professional experience, students who take this training should already have the following technical knowledge:
- A good foundation in accessing and using simple Windows PowerShell commands
- The current cybersecurity ecosystem
- Experience with Windows Client and Server administration, maintenance, and troubleshooting.
- Basic experience and understanding of Windows networking technologies, to include Windows Firewall network setting, DNS, DHCP, WiFi, and cloud services concepts.
- Basic experience and understanding of Active Directory, including functions of a domain controller, sign on services, and an understanding of group policy.
- Knowledge of and relevant experience in systems administration, using Windows 10.