Harden domain controllers

Contents

• Introduction Introduction

  • Exam AZ-801 configuring Windows Server hybrid advanced services: Introduction

    1m 26s
• Lesson 1: Implement Core OS Security Lesson 1: Implement Core OS Security

  • (Locked)
    Learning objectives

    40s
  • (Locked)
    Configure and manage exploit protection

    1m 50s
  • (Locked)
    Configure and manage Windows Defender Application Control

    1m 31s
  • (Locked)
    Configure and manage Windows Defender Credential Guard

    1m 47s
  • (Locked)
    Configure SmartScreen

    1m 6s
  • (Locked)
    Implement operating system security by using Group Policies

    1m 6s
  • (Locked)
    Manage Windows Server security baseline by using OSConfig

    1m 1s
  • (Locked)
    Configure secured-core Server features for high-security workloads

    17m 16s
• Lesson 2: Secure Local Accounts and Passwords Lesson 2: Secure Local Accounts and Passwords

  • (Locked)
    Learning objectives

    34s
  • (Locked)
    Implement Windows Local Administrator Password Solution

    5m 19s
  • (Locked)
    Configure password policies

    2m 25s
  • (Locked)
    Implement Microsoft Entra Password Protection for AD DS

    16m 47s
• Lesson 3: Manage Protected Users and RODCs Lesson 3: Manage Protected Users and RODCs

  • (Locked)
    Learning objectives

    34s
  • (Locked)
    Manage protected users

    2m 58s
  • (Locked)
    Manage account security on a Read-Only Domain Controller (RODC)

    2m 35s
  • (Locked)
    Harden domain controllers

    15m 8s
• Lesson 4: Configure Advanced Domain Security Lesson 4: Configure Advanced Domain Security

  • (Locked)
    Learning objectives

    39s
  • (Locked)
    Configure authentication policy silos

    4m 30s
  • (Locked)
    Restrict access to domain controllers

    1m 47s
  • (Locked)
    Configure security options for user accounts

    1m 21s
  • (Locked)
    Configure security options for built-in administrative groups

    1m 46s
  • (Locked)
    Manage AD delegation

    2m 54s
  • (Locked)
    Implement Just Enough Administration (JEA) and Just-In-Time (JIT) privileged access

    17m 7s
• Lesson 5: Monitor and Defend with Microsoft Security Tools Lesson 5: Monitor and Defend with Microsoft Security Tools

  • (Locked)
    Learning objectives

    42s
  • (Locked)
    Implement and manage Microsoft Defender for Identity

    3m 5s
  • (Locked)
    Audit usage of and disable NTLM

    2m 40s
  • (Locked)
    Implement ingestion of Windows Server data into Microsoft Sentinel

    3m 23s
  • (Locked)
    Manage security for Windows Server by using Microsoft Defender for Cloud

    3m 49s
  • (Locked)
    Manage security for Windows Server by using Microsoft Defender for Servers

    2m 44s
  • (Locked)
    Implement hotpatching for Windows Server Azure Edition virtual machines

    18m 44s
• Lesson 6: Secure Windows Server Networking Lesson 6: Secure Windows Server Networking

  • (Locked)
    Learning objectives

    38s
  • (Locked)
    Manage Windows Defender Firewall

    3m 13s
  • (Locked)
    Implement domain isolation

    2m 26s
  • (Locked)
    Implement connection security rules

    3m 10s
  • (Locked)
    Create and configure network security groups (NSGs) for Windows Server virtual machines on Azure

    16m 48s
• Lesson 7: Secure Storage with Encryption Lesson 7: Secure Storage with Encryption

  • (Locked)
    Learning objectives

    42s
  • (Locked)
    Manage Windows BitLocker Drive Encryption

    2m 32s
  • (Locked)
    Enable storage encryption by using Azure Disk Encryption

    2m 26s
  • (Locked)
    Manage and recover encrypted volumes

    1m 34s
  • (Locked)
    Manage disk encryption keys for IaaS virtual machines

    2m 55s
  • (Locked)
    Configure File Server Resource Manager (FSRM) and Storage QoS for workload governance

    25m 51s
• Lesson 8: Implement Failover Clusters Lesson 8: Implement Failover Clusters

  • (Locked)
    Learning objectives

    41s
  • (Locked)
    Implement a failover cluster on-premises, hybrid, or cloud-only

    1m 49s
  • (Locked)
    Create a Windows failover cluster, including workgroup clusters

    1m 28s
  • (Locked)
    Implement a stretch cluster across datacenters or Azure regions, including Storage Spaces Direct (S2D) campus clusters

    2m 16s
  • (Locked)
    Configure storage for failover clustering

    1m 56s
  • (Locked)
    Modify quorum options

    1m 20s
  • (Locked)
    Configure network adapters for failover clustering

    17m 58s
• Lesson 9: Configure Advanced Cluster Features Lesson 9: Configure Advanced Cluster Features

  • (Locked)
    Learning objectives

    41s
  • (Locked)
    Deploy and troubleshoot deployment, validation and cluster networking with Network ATC

    4m 36s
  • (Locked)
    Configure cluster workload options

    2m 43s
  • (Locked)
    Configure Scale-Out File servers

    2m 35s
  • (Locked)
    Configure an Azure witness

    2m 31s
  • (Locked)
    Configure a floating IP address for the cluster

    14m 5s
• Lesson 10: Manage and Maintain Clusters Lesson 10: Manage and Maintain Clusters

  • (Locked)
    Learning objectives

    37s
  • (Locked)
    Implement cluster-aware updating

    2m 27s
  • (Locked)
    Recover a failed cluster node

    2m 49s
  • (Locked)
    Upgrade failover cluster nodes

    3m 7s
  • (Locked)
    Failover workloads between nodes

    3m 2s
  • (Locked)
    Install Windows updates on cluster nodes

    2m 56s
  • (Locked)
    Use Windows Admin Center as the primary management tool for hybrid and cluster operations

    12m 43s
• Lesson 11: Implement Storage Spaces Direct Lesson 11: Implement Storage Spaces Direct

  • (Locked)
    Learning objectives

    34s
  • (Locked)
    Upgrade an S2D node

    5m 6s
  • (Locked)
    Implement networking for S2D

    2m 41s
  • (Locked)
    Configure S2D

    14m 34s
• Lesson 12: Protect VMs with Hyper-V Replication Lesson 12: Protect VMs with Hyper-V Replication

  • (Locked)
    Learning objectives

    30s
  • (Locked)
    Configure Hyper-V hosts for replication

    4m 52s
  • (Locked)
    Manage Hyper-V replica servers

    2m 45s
  • (Locked)
    Configure VM replication

    2m 39s
  • (Locked)
    Perform a failover

    11m 54s
• Lesson 13: Implement Azure Backup Lesson 13: Implement Azure Backup

  • (Locked)
    Learning objectives

    43s
  • (Locked)
    Backup and restore files and folders to Azure Recovery Services Vault

    5m 22s
  • (Locked)
    Deploy and manage Azure Backup Server

    3m 2s
  • (Locked)
    Back up and recover using Azure Backup Server

    2m 40s
  • (Locked)
    Manage backups in Azure Recovery Services Vault

    2m 11s
  • (Locked)
    Create an Azure Recovery Services Vault backup policy

    2m 20s
  • (Locked)
    Implement ransomware-aware backup and recovery strategies, including immutable storage and recovery testing

    15m 28s
• Lesson 14: Backup and Recover Azure VMs Lesson 14: Backup and Recover Azure VMs

  • (Locked)
    Learning objectives

    35s
  • (Locked)
    Configure backup for Azure VM using the built-in backup agent

    6m 13s
  • (Locked)
    Recover a VM using instant recovery snapshots

    2m 25s
  • (Locked)
    Recover VMs to new Azure VMs

    2m 44s
  • (Locked)
    Restore a VM, including encrypted VMs

    13m 55s
• Lesson 15: Implement Azure Site Recovery Lesson 15: Implement Azure Site Recovery

  • (Locked)
    Learning objectives

    40s
  • (Locked)
    Configure Azure Site Recovery network mapping

    4m 54s
  • (Locked)
    Configure Site Recovery for on-premises servers

    3m 31s
  • (Locked)
    Configure a recovery plan in Azure Site Recovery

    3m 3s
  • (Locked)
    Configure Site Recovery for Azure VMs

    2m 54s
  • (Locked)
    Implement VM replication to secondary datacenter or Azure region

    3m 11s
  • (Locked)
    Configure Azure Site Recovery replication policies

    17m 10s
• Lesson 16: Migrate Storage Using SMS Lesson 16: Migrate Storage Using SMS

  • (Locked)
    Learning objectives

    33s
  • (Locked)
    Transfer files, file shares, and security configurations by using Storage Migration Service (SMS)

    3m 55s
  • (Locked)
    Cut over to a new server by using Storage Migration Service (SMS)

    2m 44s
  • (Locked)
    Use Storage Migration Service to migrate to Azure VMs

    5m
  • (Locked)
    Migrate to Azure file shares

    16m 18s
• Lesson 17: Use Azure Migrate for Server Migration Lesson 17: Use Azure Migrate for Server Migration

  • (Locked)
    Learning objectives

    31s
  • (Locked)
    Deploy and configure Azure Migrate appliance

    6m 12s
  • (Locked)
    Migrate VM workloads to Azure VMs

    3m 12s
  • (Locked)
    Migrate physical servers to Azure VMs

    13m 29s
• Lesson 18: Migrate Server Roles Lesson 18: Migrate Server Roles

  • (Locked)
    Learning objectives

    31s
  • (Locked)
    Choose an appropriate migration method

    4m 54s
  • (Locked)
    Migrate IIS workloads and configurations

    2m 44s
  • (Locked)
    Migrate Hyper-V hosts

    2m 15s
  • (Locked)
    Migrate Remote Desktop Services (RDS) host servers

    9m 53s
• Lesson 19: Migrate Infrastructure Services Lesson 19: Migrate Infrastructure Services

  • (Locked)
    Learning objectives

    26s
  • (Locked)
    Migrate Dynamic Host Configuration Protocol (DHCP) servers

    5m 47s
  • (Locked)
    Migrate print servers

    3m 12s
  • (Locked)
    Migrate by using an in-place upgrade

    13m 56s
• Lesson 20: Migrate IIS Workloads to Azure Lesson 20: Migrate IIS Workloads to Azure

  • (Locked)
    Learning objectives

    32s
  • (Locked)
    Assess IIS workloads by using Azure Migrate

    2m 2s
  • (Locked)
    Migrate IIS workloads to Azure Web Apps

    2m 12s
  • (Locked)
    Migrate IIS workloads to containers

    1m 57s
  • (Locked)
    Deploy Windows containers to Azure Kubernetes Service (AKS)

    18m 43s
• Lesson 21: Migrate Active Directory to Windows Server 2025 Lesson 21: Migrate Active Directory to Windows Server 2025

  • (Locked)
    Learning objectives

    37s
  • (Locked)
    Choose an appropriate migration method

    4m 12s
  • (Locked)
    Implement a forest restructure

    2m 13s
  • (Locked)
    Migrate AD DS objects, including users, groups and Group Policies using AD Migration Tool

    2m 34s
  • (Locked)
    Migrate to a new Active Directory forest

    2m 39s
  • (Locked)
    Upgrade an existing forest, including setting functional levels

    11m 47s
• Lesson 22: Monitor Windows Server Performance Lesson 22: Monitor Windows Server Performance

  • (Locked)
    Learning objectives

    34s
  • (Locked)
    Monitor Windows Server by using Performance Monitor

    4m 49s
  • (Locked)
    Create and configure Data Collector Sets

    2m 56s
  • (Locked)
    Monitor servers and configure alerts by using Windows Admin Center

    2m 57s
  • (Locked)
    Analyze Windows Server system data by using System Insights

    2m 59s
  • (Locked)
    Manage event logs

    20m 26s
• Lesson 23: Monitor with Azure Services Lesson 23: Monitor with Azure Services

  • (Locked)
    Learning objectives

    35s
  • (Locked)
    Configure data collection rules for Azure Monitor

    5m 9s
  • (Locked)
    Create alerts

    1m 53s
  • (Locked)
    Monitor Azure VM performance by using VM Insights

    2m 26s
  • (Locked)
    Manage Windows Server resources with Azure Arc extensions and policies

    1m 46s
  • (Locked)
    Configure Azure Update Manager for hybrid patch orchestration

    17m 5s
• Lesson 24: Troubleshoot Core Services Lesson 24: Troubleshoot Core Services

  • (Locked)
    Learning objectives

    33s
  • (Locked)
    Troubleshoot connectivity

    3m 40s
  • (Locked)
    Troubleshoot name resolution

    2m
  • (Locked)
    Troubleshoot Windows Update

    1m 46s
  • (Locked)
    Troubleshoot Time Service

    2m 1s
  • (Locked)
    Troubleshoot deployment failures

    2m 17s
  • (Locked)
    Troubleshoot booting failures

    10m 27s
• Lesson 25: Troubleshoot Advanced Issues Lesson 25: Troubleshoot Advanced Issues

  • (Locked)
    Learning objectives

    33s
  • (Locked)
    Troubleshoot performance issues

    5m 3s
  • (Locked)
    Troubleshoot VM and Azure Arc extension issues

    2m 33s
  • (Locked)
    Troubleshoot disk encryption issues

    3m
  • (Locked)
    Troubleshoot storage

    3m 25s
  • (Locked)
    Troubleshoot Azure Arc server extension issues

    13m 40s
• Lesson 26: Troubleshoot Active Directory Lesson 26: Troubleshoot Active Directory

  • (Locked)
    Learning objectives

    43s
  • (Locked)
    Restore objects from AD recycle bin

    4m 8s
  • (Locked)
    Recover Active Directory database using Directory Services Restore Mode

    2m 11s
  • (Locked)
    Recover system volume (SYSVOL)

    2m 23s
  • (Locked)
    Troubleshoot Active Directory replication

    2m 28s
  • (Locked)
    Troubleshoot hybrid authentication and synchronization issues

    2m 38s
  • (Locked)
    Troubleshoot on-premises Active Directory

    2m 37s
  • (Locked)
    Troubleshoot hybrid identity synchronization with Microsoft Entra Connect

    20m 1s
• Summary Summary

  • (Locked)
    Exam AZ-801 configuring Windows Server hybrid advanced services: Summary

    1m 37s