Course Windows/Server Security in the Context of ISO/IEC 27001 and 27002
Active Directory security in accordance with the requirements of ISO/IEC 27001 and 27002 standards. You will gain skills in aligning the existing security state of your enterprise domain with ISMS standards. You will be able to independently analyze, evaluate and propose measures in your corporate network so that they cover identified risks and eliminate undesirable events.
Minimum input knowledge
Knowledge of working with Windows Server at least at the level of the Active Directory - daily tasks of a system administrator course, knowledge of at least the basics of group policies. Practical experience in an enterprise IT department is an advantage.
Course dates Windows/Server Security in the Context of ISO/IEC 27001 and 27002
Daily courses (2 days): 09:00 - 15:00
Course price: 650.00 EUR without VAT / 799.50 EUR incl. VAT
The manual is included in the training price.
Training syllabus Windows/Server Security in the Context of ISO/IEC 27001 and 27002
Review of Information Security Basics
- In a playful form, we will review basic terms and necessary terminology from information security so that we can build on the advanced requirements of the standards. Basic legislative acts of Slovak legislation in this area.
Basic Principles of the ISO/IEC 27001 Standard
Information Security Management According to ISO/IEC 27001
- in the context of an enterprise domain built on Active Directory and a LAN computer network. We use the second, latest revision of standard 27001 from 2013.
Procedure for Applying Recommendations According to ISO/IEC 27002
Information Security Policies
- creation, examination
Asset Management
- responsibilities, asset ownership, acceptable use, return, information classification, information labeling, media management, media disposal and transfer
Access Control
- to the domain, information system, generally - access, registration and deactivation of users with regard to GDPR rights and obligations and Slovak legislation, privilege management, management of secret authentication data, examination of access rights, management of access to systems and applications, secure login, practical demonstrations in Windows OS, policy settings for compliance with this standard requirement, password control and management in the context of redundancy and substitutability, privileged programs
Cryptography Theoretically and Practically
- we will not examine mathematical procedures, but from a management point of view we will focus on cryptographic measures, key management and demonstrate individual measures in the MS Windows environment.
Physical and Environmental Security
- physical security perimeter, management of physical premises, securing offices and resources, protection against threats of the physical environment, work in a security zone, placement of devices and their protection, process from purchasing an asset/device to its secure disposal, how to manage the security of assets outside the organization
Operational Security
- configuration management, documentation of operating procedure, change management, environment segregation, measures against malicious code, backup in administrators' daily practice, monitoring and protection of the audit log, unified time settings
Communication Security
- security management at the network level, security of network services, network separation, information transfer, information exchange agreements, exchange of electronic messages, system change management procedures
Information Security Incident Management
- responsibility and procedures, reporting information security events, assessment of information security events and decisions about them, legislative and technical aspects of security incidents, recommended procedure for what to do in a security incident, lessons learned from incidents
Information Security Continuity
- continuity planning and evaluation, when redundancy is suitable, where it does and does not make sense to consider redundant sources and resources, continuity evaluation based on the company's history and current trends
Output knowledge
You will be able to independently implement ISMS requirements in the context of ISO/IEC 27001/27002 in a corporate network environment - Windows OS, Windows Server, Active Directory.
Contact us
If you need a custom date, group training, or help choosing the right course, contact Macrosoft directly. We will help you with the next step.