Security Strategies in Windows Platforms and Applications



This course focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system. Particular emphasis is placed on Windows XP, Vista, and 7 on the desktop, and Windows Server 2003 and 2008 versions. The course highlights how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. The course also covers more information on Microsoft Windows OS hardening, application security, and incident management.

In addition to premium instructional content from Jones & Bartlett Learning's comprehensive Information Systems Security and Assurance (ISSA) curriculum, this course provides access to a customized 'virtual sandbox' learning environment that aggregates an unparalleled spectrum of cybersecurity applications. Providing instant, unscheduled access to labs from the convenience of a web-browser, this course allows you to practice 'white hat' hacking on a real IT infrastructure—these are not simulations. Winner of the 'Security Training and Educational Programs' top prize at the prestigious 2013 Global Excellence Awards by Info Security Products Guide, the industry's leading information security research and advisory guide, these labs provide valuable exposure to complex, real world challenges and over 200 hours of training exercises on how hackers and perpetrators use these applications and tools.


This course covers content within the following industry certification exams:

  • Certified Information Systems Security Professional (CISSP) - five content domains covered
  • Security + - four content domains covered
  • System Security Certified Practitioner (SSCP) - six content domains covered
  • National Institute of Standards and Technology (NIST) - seven content domains covered
  • 8570.01 - four content domains covered


  • Information security analysts
  • Payroll specialists
  • IT infrastructure security specialists
  • People who decide which information technology and cybersecurity products to acquire for their organization


General knowledge of networking and management information systems

Learning Objectives

  • Security features of the Microsoft Windows operating systems
  • Implement secure access controls when setting up Microsoft Windows in a given organization
  • Set up encryption in a given organization to secure Windows environment
  • Install controls to protect a given Windows system from malware
  • Apply group policy controls and profile and audit tools to keep Windows systems secure
  • Perform backup and restore operations on a given Windows system
  • Design techniques to protect given Windows networks and systems from security vulnerabilities
  • Design techniques to protect given Windows application software from security vulnerabilities
  • Best practices for handling a given Microsoft Windows system and application incident
  • Best practices while managing changes to Windows and its applications

1. The Microsoft Windows Security Situation

  • Windows and the Threat Landscape
  • Security in Microsoft Windows OS

2. Managing and Maintaining Microsoft Windows Security

  • Access Controls in Microsoft Windows
  • Microsoft Windows Encryption Tools and Technologies
  • Protecting Microsoft Windows Against Malware
  • Group Policy Controls in Microsoft Windows
  • Microsoft Windows Security Profile and Audit Tools
  • Microsoft Windows Backup and Recovery Tools
  • Microsoft Windows Network Security
  • Microsoft Windows OS Security Administration

3. Microsoft Windows OS and Application Security Trends and Directions

  • Hardening the Windows OS
  • Microsoft Application Security
  • Microsoft Windows Incident Handling and Management
  • Microsoft Windows and the Security Lifecycle
  • Best Practices for Microsoft Windows and Application Security