SANS SEC505 Securing Windows with PowerShell and the critical security controls 2017 On-demand Videos

SANS SEC505: Securing Windows with PowerShell and the critical security controls 2017 On-demand Videos
English | Size: 3.87 GB
Category: Tutorial

Hackers know how to use PowerShell for evil. Do you know how to use it for good? In SEC505 you will learn how to use PowerShell to automate Windows security management across an Active Directory enterprise and in the cloud. Don’t just learn PowerShell syntax, learn how to leverage PowerShell as a platform for security.

You’ve run a vulnerability scanner and applied patches – now what? A major theme of this course is defensible architecture: we have to assume that there will be a breach, so we need to build in damage control from the beginning. Whack-a-mole incident response cannot be our only defensive strategy – we’ll never win, and we’ll never get ahead of the game. By the time your monitoring system tells you a Domain Admin account has been compromised, IT’S TOO LATE.

For the assume breach mindset, we must carefully delegate limited administrative powers so that the compromise of one administrator account is not a total catastrophe. Managing administrative privileges and credentials is a tough problem, so this course devotes an entire day to just this one critical task. Perhaps you’ve taken a hacking course at SANS and you now want to learn Windows mitigations: SEC505 is that course. SEC505 is the defense-only mirror image of SEC504 with regard to Windows and Active Directory.

Learning PowerShell is also useful for another kind of security: job security. Employers are looking for people with these skills. You don’t have to know any PowerShell to attend the course, we will learn it together. About half the labs during the week are PowerShell, while the rest use graphical security tools. Many of the PowerShell scripts written by the course author are free in GitHub (just go to

This course is not a vendor show to convince you to buy another security appliance or to install yet another endpoint agent. The idea is to use built-in or free Windows and Active Directory security tools when we can (especially PowerShell and Group Policy) and then purchase commercial products only when absolutely necessary.

If you are an IT manager or CIO, the aim for this course is to have it pay for itself 10 times over within two years, because automation isn’t just good for security, it can save money too.

This course is designed for systems engineers, security architects, and the Security Operations (SecOps) team. The focus of the course is on how to automate the NSA Top 10 Mitigations, the CIS Critical Security Controls related to Windows, and the MITRE ATT&CK mitigations for Windows, especially the ones that are the difficult to implement in large environments.

SEC505 will also prepare you for the GIAC Certified Windows Security Administrator (GCWN) certification exam to prove your Windows security expertise. The GCWN certification counts towards a Master’s Degree in Information Security from the SANS Technology Institute ( and satisfies the Department of Defense 8140 computing environment requirement. The GCWN is also a foundational certification for soldiers in the U.S. Army’s 255-S Information Protection Program. For DoD students, we will see how to apply the NSA/DISA Secure Host Baseline.

This is a fun course and a real eye-opener, even for Windows administrators with years of experience. We don’t cover patch management, share permissions, or other such basics – the aim is to go far beyond that. Come have fun learning PowerShell and Windows security at the same time!

Buy Long-term Premium Accounts To Support Me & Max Speed


If any links die or problem unrar, send request to

About WoW Team

I'm WoW Team , I love to share all the video tutorials. If you have a video tutorial, please send me, I'll post on my website. Because knowledge is not limited to, irrespective of qualifications, people join hands to help me.

Skip to toolbar