-
Manage certificates
-
Manage certificate templates
-
Implement and manage certificate deployment, validation, and revocation
-
Configure and manage key archival and recovery
-
-
Install and configure AD FS
-
Examine AD FS requirements
-
Install the AD FS server role
-
Configure the AD FS server role
-
Implement claims-based authentication, including relying party trusts
-
Configure authentication policies Implement and configure device registration
-
Configure for use with Microsoft Azure and Microsoft Office 365
-
Configure AD FS to enable authentication of users stored in LDAP directories
-
Upgrade and migrate previous AD FS workloads to Windows Server 2016
-
-
Implement Web Application Proxy
-
Install and configure Web Application Proxy
-
Integrate Web Application Proxy with AD FS
-
Implement Web Application Proxy in pass-through mode
-
Publish Remote Desktop Gateway applications
-
-
Install and configure AD RMS
-
Deploy AD RMS server
-
Manage rights policy templates
-
Configure exclusion policies
-
Backup and restore AD RMS
-
-
Implement server hardening solutions
-
Configure disk and file encryption
-
Implement malware protection
-
Protect credentials
-
implement Credential Guard
-
configure Credential Guard using Group Policy
-
-
Create security baselines
-
Install and configure Microsoft Security Compliance Toolkit
-
create, view, and import security baselines
-
deploy configurations to domain and non-domain joined servers
-
-
-
Secure a Virtualization Infrastructure
-
Implement a Guarded Fabric solution
-
Install and configure the Host Guardian Service (HGS)
-
configure Admin-trusted attestation
-
configure TPM-trusted attestation
-
configure the Key Protection Service using HGS
-
migrate Shielded VMs to other guarded hosts
-
-
Implement Shielded and encryption-supported VMs
-
Determine requirements and scenarios for implementing Shielded VMs
-
create a shielded VM using only a Hyper-V environment
-
enable and configure vTPM to allow an operating system and data disk encryption within a VM
-
determine requirements and scenarios for implementing encryption-supported VM
-
-
-
Secure a network infrastructure
-
Configure Windows Firewall
-
Implement a Software Defined Datacenter Firewall
-
Secure network traffic
-
-
Manage Privileged Identities
-
Implement Just-In-Time Administration
-
Implement Just-Enough-Administration
-
Implement Privileged Access Workstations and User Rights Assignments
-
Implement Local Administrator Password Solution
-
-
Implement threat detection solutions
-
Configure advanced audit policies
-
Install and configure Microsoft Advanced Threat Analytics
-
Determine threat detection solutions using Operations Management Suite
-