VU23225 Investigate Windows security features.
This unit investigates the fundamentals of Windows security features. It requires the ability to comprehend the basic architecture of Windows, identify security features such as log files and instrumentation, and understand how a basic attack might occur. The unit investigates tools to collect security data centrally and query it to identify potential threats.
In this unit students will:
- Examine the structure of the Windows Operating System
- Examine System Administration tools
- Investigate tools used to examine basic Windows attacks
- Investigate the function and role of a Security Operations Centre (SOC) and Security Information and Event Management (SIEM) tool
- Examine methods to collect data from multiple end points into a SIEM tool
- Implement mitigation strategies for threats.
List of Articles:
Detailed Report on "VU23225 Investigate Windows Security Features - Lesson 01"
Overview: This is an educational lesson aimed at providing comprehensive knowledge on various aspects of Windows operating system security. The content is structured into several key sections that cover the architecture of the Windows OS, its file systems, the registry, process execution, thread management, and the role of Dynamic...
Detailed Report on "VU23225 Investigate Windows Security Features - Lesson 02"
Overview: The document titled "VU23225 Investigate Windows Security Features - Lesson 02" focuses on the management of system and user accounts, monitoring, logging mechanisms, and scheduling tasks within the Windows operating system. The content aims to provide a comprehensive understanding of these features to enhance security...
Detailed Report on "VU23225 Investigate Windows Security Features - Lesson 03"
Overview: The document titled "VU23225 Investigate Windows Security Features - Lesson 03" focuses on various aspects of malware, including methods of infection, techniques to avoid detection, methods of maintaining persistence, and tools for detection. The content aims to provide a comprehensive understanding of malware and its...
Detailed Report on "VU23225 Investigate Windows Security Features - Lesson 04"
Overview: The document titled "VU23225 Investigate Windows Security Features - Lesson 04" covers the concepts of Security Operations Centres (SOCs) and Security Incident and Event Management (SIEM) systems. It also introduces the SIEM tool called Splunk. The content is aimed at providing an understanding of the...
Detailed Report on "VU23225 Investigate Windows Security Features - Lesson 05"
Overview: The document titled "VU23225 Investigate Windows Security Features - Lesson 05" focuses on operating a SIEM tool called Splunk. It covers the process of importing data into a SIEM, setting up data forwarding from Windows endpoints, and performing basic SIEM commands. The content aims to...
Detailed Report on "VU23225 Investigate Windows Security Features - Lesson 06"
Overview: The document titled "VU23225 Investigate Windows Security Features - Lesson 06" focuses on threat hunting in Windows using Splunk as a SIEM tool. It covers the introduction to threat hunting, understanding Windows Event Logs, identifying key Windows threats, leveraging Splunk for threat detection, and utilizing...
Detailed Report on "VU23225 Investigate Windows Security Features - Lesson 07"
Overview: The document titled "VU23225 Investigate Windows Security Features - Lesson 07" focuses on mitigating threats in Windows, also known as system hardening. It covers configuring disk and file encryption, implementing patching and updates, malware protection, protecting credentials, application protection, and auditing. 1. Objectives: The lesson sets out...