482 Policy courses delivered Live Online

Duration 2 Days 12 CPD hours This course is intended for Security architects System designers Network administrators Operations engineers Network managers, network or security technicians, and security engineers and managers responsible for web security Cisco integrators and partners Overview After taking this course, you should be able to: Describe Cisco WSA Deploy proxy services Utilize authentication Describe decryption policies to control HTTPS traffic Understand differentiated traffic access policies and identification profiles Enforce acceptable use control settings Defend against malware Describe data security and data loss prevention Perform administration and troubleshooting The Securing the Web with Cisco Web Security Appliance (SWSA) v3.0 course shows you how to implement, use, and maintain Cisco© Web Security Appliance (WSA), powered by Cisco Talos, to provide advanced protection for business email and control against web security threats. Through a combination of expert instruction and hands-on practice, you?ll learn how to deploy proxy services, use authentication, implement policies to control HTTPS traffic and access, implement use control settings and policies, use the solution?s anti-malware features, implement data security and data loss prevention, perform administration of Cisco WSA solution, and more. Describing Cisco WSA Technology Use Case Cisco WSA Solution Cisco WSA Features Cisco WSA Architecture Proxy Service Integrated Layer 4 Traffic Monitor Data Loss Prevention Cisco Cognitive Intelligence Management Tools Cisco Advanced Web Security Reporting (AWSR) and Third-Party Integration Cisco Content Security Management Appliance (SMA) Deploying Proxy Services Explicit Forward Mode vs. Transparent Mode Transparent Mode Traffic Redirection Web Cache Control Protocol Web Cache Communication Protocol (WCCP) Upstream and Downstream Flow Proxy Bypass Proxy Caching Proxy Auto-Config (PAC) Files FTP Proxy Socket Secure (SOCKS) Proxy Proxy Access Log and HTTP Headers Customizing Error Notifications with End User Notification (EUN) Pages Utilizing Authentication Authentication Protocols Authentication Realms Tracking User Credentials Explicit (Forward) and Transparent Proxy Mode Bypassing Authentication with Problematic Agents Reporting and Authentication Re-Authentication FTP Proxy Authentication Troubleshooting Joining Domains and Test Authentication Integration with Cisco Identity Services Engine (ISE) Creating Decryption Policies to Control HTTPS Traffic Transport Layer Security (TLS)/Secure Sockets Layer (SSL) Inspection Overview Certificate Overview Overview of HTTPS Decryption Policies Activating HTTPS Proxy Function Access Control List (ACL) Tags for HTTPS Inspection Access Log Examples Understanding Differentiated Traffic Access Policies and Identification Profiles Overview of Access Policies Access Policy Groups Overview of Identification Profiles Identification Profiles and Authentication Access Policy and Identification Profiles Processing Order Other Policy Types Access Log Examples ACL Decision Tags and Policy Groups Enforcing Time-Based and Traffic Volume Acceptable Use Policies, and End User Notifications Defending Against Malware Web Reputation Filters Anti-Malware Scanning Scanning Outbound Traffic Anti-Malware and Reputation in Policies File Reputation Filtering and File Analysis Cisco Advanced Malware Protection File Reputation and Analysis Features Integration with Cisco Cognitive Intelligence Enforcing Acceptable Use Control Settings Controlling Web Usage URL Filtering URL Category Solutions Dynamic Content Analysis Engine Web Application Visibility and Control Enforcing Media Bandwidth Limits Software as a Service (SaaS) Access Control Filtering Adult Content Data Security and Data Loss Prevention Data Security Cisco Data Security Solution Data Security Policy Definitions Data Security Logs Performing Administration and Troubleshooting Monitor the Cisco Web Security Appliance Cisco WSA Reports Monitoring System Activity Through Logs System Administration Tasks Troubleshooting Command Line Interface References Comparing Cisco WSA Models Comparing Cisco SMA Models Overview of Connect, Install, and Configure Deploying the Cisco Web Security Appliance Open Virtualization Format (OVF) Template Mapping Cisco Web Security Appliance Virtual Machine (VM) Ports to Correct Networks Connecting to the Cisco Web Security Virtual Appliance Enabling Layer 4 Traffic Monitor (L4TM) Accessing and Running the System Setup Wizard Reconnecting to the Cisco Web Security Appliance High Availability Overview Hardware Redundancy Introducing Common Address Redundancy Protocol (CARP) Configuring Failover Groups for High Availability Feature Comparison Across Traffic Redirection Options Architecture Scenarios When Deploying Cisco AnyConnect© Secure Mobility Additional course details: Nexus Humans SWSA v3.0-Securing the Web with Cisco Web Security Appliance training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the SWSA v3.0-Securing the Web with Cisco Web Security Appliance course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for This course benefits individuals responsible for configuring and monitoring devices running the Junos OS. Overview After successfully completing this course, you should be able to: Describe the various OSPF link-state advertisement (LSA) types. Explain the flooding of LSAs in an OSPF network. Describe the shortest-path-first (SPF) algorithm. Describe OSPF link metrics. Describe the various OSPF authentication methods. Explain the differences between OSPFv2 and OSPFv3. Describe OSPF area types and operations. Configure various OSPF area types. Summarize and restrict routes. Configure OSPF multi-area adjacencies. Configure OSPF virtual links. Explain OSPF external reachability. List useful commands that are used to troubleshoot and verify OSPF. Isolate different OSPF issues. Describe BGP operations. Configure various BGP options. Explain the route selection process for BGP. Describe how to alter the route selection process. Explain the use of routing policies in BGP. Explain how BGP routes are processed. Describe the various BGP attributes and their use. Manipulate common BGP attributes. Review common BGP troubleshooting procedures. List common BGP troubleshooting commands. Identify issues with BGP peering. Explain reasons to use BGP in the Enterprise. Explain how ISP policies can influence external connectivity. Describe three common routing policies for external connectivity in the enterprise. Identify common commands for troubleshooting routing policy. Describe basic multicast terminology. Describe the multicast address space. Describe how RPF is used in a multicast network. Describe the basic functionality of IGMP. Describe the multicast service models and modes. Describe PIM-SM operation and configuration when using the ASM model. Describe PIM-SM operation and configuration when using the SSM model. Verify and troubleshoot multicast. Identify environments that may require a modified CoS implementation. Describe the various CoS components and their respective functions. Explain the CoS processing along with CoS defaults on SRX Series devices. Describe situations in which some CoS features are used in the enterprise. Describe the use of the Real-Time Performance Monitoring tool. Verify and troubleshoot CoS. Describe a traditional Campus network design. Understand the need for a new architectural design. Describe the five key concepts of the Evolved Core. Describe the benefits of a Layer 3-based Campus Networks. Describe Layer 2 tunneling. Explain VXLAN functionality. Describe VXLAN gateways. Describe EVPN features. Describe EVPN operations. This five-day course is designed to provide students with the tools required for implementing, monitoring, and troubleshooting Layer 3 components in an enterprise network. Chapter 1: Course Introduction Course Introduction Chapter 2: OSPF OSPFv2 Review Link-State Advertisements Protocol Operations OSPF Authentication OSPFv3 Lab 1: Configuring and Monitoring OSPF Chapter 3: OSPF Areas Review of OSPF Areas Stub Area Operation Stub Area Configuration NSSA Operation NSSA Configuration Route Summarization Lab 2: Configuring and Monitoring OSPF Areas and Route Summarization Chapter 4: Advanced OSPF Options OSPF Multi-Area Adjacencies Virtual Links External Reachability Lab 3: Configuring and Monitoring Routing Policy and Advanced OSPF Options Chapter 5: Troubleshooting Troubleshooting LSDB Consistency Issues Case Study: Adjacency Issues Lab: Troubleshooting OSPF Chapter 6: BGP Review of BGP BGP Configuration Options BGP Operations BGP Path Selection and Options Lab: Implementing BGP Chapter 7: BGP Attributes and Policy Policy and BGP BGP Attributes Details and Manipulation of Common BGP Path Attributes Lab: BGP Attributes Chapter 8: Troubleshooting BGP BGP Troubleshooting BGP Case Study Lab: Troubleshooting BGP Chapter 9: Enterprise Routing Policies Enterprise BGP Core Network Design Enterprise External Network Deployment Lab: Implementing Enterprise Routing Policies Chapter 10: Troubleshooting Policies Routing Policy Structure Using RegEx Routing Policy Troubleshooting Case Study Lab: Troubleshooting Routing Policies Chapter 11: Introduction to Multicast Overview of Multicast Multicast Addressing RPF IGMP Lab: PIM-SM Chapter 12: Multicast Routing Protocols and SSM Overview of Multicast Routing Protocols PIM-SM Using the ASM Model PIM-SM Using the SSM Model Lab: Implementing PIM-SM Lab: Implementing SSM Chapter 13: Troubleshooting Multicast Multicast Troubleshooting Multicast Case Study Lab: Troubleshooting Multicast Chapter 14: Class of Service CoS Components Review and Case Study CoS Processing and CoS Defaults on the SRX Series Device Policing Virtual Channels Monitoring with Resource Performance Monitoring Lab 9: Implementing CoS Features in the Enterprise Chapter 15: Troubleshooting Class of Service CoS Troubleshooting CoS Case Study Lab: Troubleshooting Class of Service Chapter 16: Enterprise Architectures Traditional Enterprise Networks A New Architecture Key Concepts of the Evolved Core IP Fabric Campus Design Chapter 17: VXLAN Layer 2 Connectivity over a Layer 3 Network VXLAN Overview VXLAN Gateways Chapter 18: EVPN-VXLAN Overview of EVPN EVPN Operations EVPN and VXLAN Chapter 19: Configuring EVPN-VXLAN Configuring EVPN-VXLAN Spine Only network Add IP Fabric leaf nodes to a Spine Only design Configuring a new IP Fabric EVPN-VXLAN network Chapter 20: Migrating to an IP Fabric EVPN Routes Useful EVPN Commands Appendix A: BGP Route Reflection Route Reflection Operation Configuration and Routing Knowledge Lab: BGP Route Reflection (Optional) Appendix B: Troubleshooting IS-IS IS-IS Troubleshooting Lab: Troubleshooting IS-IS and Mixed Environments Additional course details: Nexus Humans AJER - Advanced Junos Enterprise Routing training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the AJER - Advanced Junos Enterprise Routing course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for Cloud Architects, Security Experts, and Network Administrators requiring in depth knowledge on CloudGuard Network Security products. Overview Discuss Azure Platform Components and their relationship to Check Point CloudGuard Network Security. Explain how to maintain a secure, efficient, and stable cloud environment. Describe the components and constraints of a hub and spoke cloud security environment. Describe the function of the Cloud Management Extension Explain the purpose of identity and access controls and constraints in different cloud platforms. Explain the steps required to configure Identity and Access controls in Azure. Describe the purpose and function of the CloudGuard Controller, its processes, and how it is tied to the Identity Awareness feature. Explain how to design and configure Cloud Adaptive Policies. Discuss the purpose and function of Data Center Objects. Describe the function and advantages of Cloud Service Provider (CSP) automation templates for instance and resource deployments. Explain how CSP templates can be used for maintenance tasks in the cloud environment. Discuss Third-Party Automation tools, how they can simplify deployment and maintenance tasks, and the constraints associated with them. Discuss Scaling Solutions and Options for Cloud Environments. Explain the Scaling Options in Azure. Describe the workflow for configuring scaling solutions in Azure. Discuss how ClusterXL operates and what elements work together to permit traffic failover. Explain how ClusterXL functions differently in a Cloud Environment. Describe how clusters are created and function in Azure. Discuss the elements involved in Hybrid Data Center deployments, the advantages of them, and the constraints involved. Explain the nature of a 'Greenfield' deployment, the advantages of it, and the constraints involved. Describe the components and constraint involved in deploying a Disaster Recovery Site in the cloud. Discuss the steps required for troubleshooting automation in Azure. Explain the steps required for troubleshooting Scaling Solution issues in Azure. Describe the steps required for troubleshooting clusters in Azure. Learn advanced concepts and develop skills needed to design and administer CloudGuard Network Security Environments. Course Outline Deploy a Security Management Server. Connect to SmartConsole. Configure Azure Active Directory and the Service Principle. Install the Cloud Management Extension. Configure the Cloud Management Extension. Configure the Access Control Policy. Assign the Service Principle. Create the CloudGuard Controller Object. Configure Access Control Policy with a Data Center Object. Deploy the Spoke vNets. Create the Spoke Route Table. Deploy Web Servers into the Spoke vNets. Deploy the Virtual Machine Scale Set. Assign the Service Principle to the VMSS Resource Group. Enable Indentity Awareness on the VMSS. Create Load Balancer Rules. Create vNet Peers. Create Web Server Access Control policy. Deploy the Azure High Availability Solution. Create the Cluster Object. Configure the vNet Peering. Create the Internal User Defined Routes. Create the Security Policy for Internal Traffic. Test the Internal Traffic. Troubleshoot the CloudGuard Controller. Debugs the CloudGuard Controller. Debug the Cloud Management Extension. Additional course details: Nexus Humans CNSE-Azure Check Point Network Security Expert for Azure training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CNSE-Azure Check Point Network Security Expert for Azure course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This course is recommended for technical professionals who automate, orchestrate, and troubleshoot Check Point secured environments. Overview Explain how automation and orchestration work together Understand the key drivers for incorporating automation and orchestration into security management Execute a shell script that demonstrates how to build a comprehensive Security Policy. Recognize how the Check Point API framework integrates with R80 Security Management to support automation and orchestration of daily tasks Describe Check Point API tools and demonstrate how they are used to manage Check Point Security Management solutions Demonstrate how to define new objects and modify existing ones by using the Check Point API The goal of this course is to provide an understanding of the advanced concepts and skills necessary to automate and orchestrate tasks relating to managing Check Point Security Policies Course Ouline Explain how automation and orchestration work together Understand the key drivers for incorporating automation and orchestration into security management Execute a shell script that demonstrates how to build a comprehensive Security Policy. Recognize how the Check Point API framework integrates with R80 Security Management to support automation and orchestration of daily tasks Describe Check Point API tools and demonstrate how they are used to manage Check Point Security Management solutions Demonstrate how to define new objects and modify existing ones by using the Check Point API Demonstrate how to create API commands to efficiently maintain the Check Point Security Management Server database Demonstrate how to use different methods to update the database with API commands Become familiar with client-side and server-side scripting and scripting languages Understand how to use the Bash shell to develop APIs Recognize and describe many of the open source tools that are available to assist with API development Demonstrate how to use a custom REST application to update the database of a Security Management Server Demonstrate how to use Postman to manage the Security Policy database through the Check Point API Understand what steps to take to troubleshoot and debug API scripts Demonstrate basic troubleshooting techniques by reviewing debugging messages in various forms Understand how to use self-service portal capabilities to provide general IT services Recognize how automation tools work with Check Point APIs to automate security management tasks and orchestrate workflow behind service portals Demonstrate common tasks that are automated in a Web portal to manage the Security Policy LAB Exercises Demonstrate Check Point automation and orchestration Manage objects using the Check Point API Create a management API shell script Use a variety of methods to execute API commands Use a custom REST tool for API calls Use Postman for API calls Debug the Check Point management API Automate tasks using a Check Point API enabled Web portal Additional course details: Nexus Humans CCAS Check Point Certified Automation Specialist training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the CCAS Check Point Certified Automation Specialist course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

In this series we will be joined by a collection of creators and exploring their career including education, career steps and challenges.

In this new series we will be exploring the culture of personal brands and how creators position themselves.

Duration 3 Days 18 CPD hours This course is intended for Technical professionals who support, install, deploy or administer Check Point Software Blades. Overview Interpret the concept of a Firewall and understand the mechanisms used for controlling network traffic.Describe the key elements of Check Point?s unified Security Management Architecture.Recognize SmartConsole features, functions and tools.Understand Check Point deployment options.Describe the basic functions of Gaia.Describe the essential elements of a Security Policy.Understand how traffic inspection takes place in a unified Security Policy.Summarize how administration roles and permissions assist in managing policy.Recall how to implement backup techniques.Understand the Check Point policy layer concept.Recognize Check Point security solutions and products and how they work to protect your network.Understand licensing and contract requirements for Check Point security products.Identify tools designed to monitor data, determine threats and recognize performance improvements.Identify tools designed to respond quickly and efficiently to changes in gateways, tunnels, remote users, traffic flow patterns, and other activities.Understand Site-to-Site and Remote Access VPN deployments and communities.Understand how to analyze and interpret VPN traffic.Recognize how to define users and user groups.Understand how to manage user access for internal and external users.Understand the basic concepts of ClusterXL technology and its advantages.Understand how to perform periodic administrator tasks as specified in administrator job descriptions. Provide an understanding of basic concepts and skills necessary to configure Check Point Security Gateway and Management Software Blades. Introduction to Check Point Technology Security Policy Management Policy Layers Check Point Security Solutions and Licensing Traffic Visibility Basic Concepts of VPNManaging User Access Working with ClusterXLAdministrator Task Implementation Additional course details: Nexus Humans Check Point Cyber Security Administrator (CCSA R80.10) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Check Point Cyber Security Administrator (CCSA R80.10) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for network professionals who are looking to build their foundational knowledge of the ClearPass product portfolio This training combines the following classes into one five day workshop, preparing you for the ACCP certification: ACF-Aruba ClearPass Fundamentals IAC-Implementing Aruba ClearPass Overview Ability to setup ClearPass as a AAA server Demostrate Configuration Guest, Ongurad, Onboard and Profiling features Integrate with External AD Server Understand Monitoring and Reporting Demostrate Scaling and deployment of best practices It prepares participants with foundational skills in Network Access Control using the ClearPass product portfolio. This 5-day classroom session includes both modules and labs to teach participants about the major features of the ClearPass portfolio Intro to ClearPass BYOD High Level Overview Posture and Profiling Guest and Onboard ClearPass for AAA Policy Service Rules Authentication Authorization and Roles Enforcement Policy and Profiles Authentication and Security Concepts Authentication Types Servers Radius COA Active Directory Certificates Intro to NAD NAD Devices Adding NAD to ClearPass Network Device Groups Network Device Attributes Aruba Controller as NAD Aruba Switch Aruba Instant Monitoring and Troubleshooting Monitoring Troubleshooting Logging Policy Simulation ClearPass Insight Insight Dashboard Insight Reports Insight Alerts Insight Search Insight Administration Insight Replication Active Directory Adding AD as Auth Source Joining AD domain Using AD services External Authentication Multiple AD domains LDAP Static Host Lists SQL Database External Radius Server Guest Guest Account creation Web Login pages Guest Service configuration Self-registration pages Configuring NADS for Guest Guest Manager Deep Dive Web Login Deep Dive Sponsor Approval MAC Caching Onboard Intro to Onboard Basic Onboard Setup Onboard Deepdive Single SSID Onboarding Dual SSID Onboarding Profiling Intro to Profiling Endpoint Analysis Deep Dive Posture Intro to Posture Posture Deployment Options OnGuard Agent Health Collection OnGuard workflow 802.1x with Posture using Persistent/dissolvable agent OnGuard web LoginMonitoring and Updates Operation and Admin Users Operations Admin Users Clustering and Redundancy Clustering Redundancy LAB Licensing ClearPass Licensing Base License Applications Single Sign-On Deployment Options ClearPass Admin Login SSO Access Network SSO ASO-Auto-Sign On Configuration and Demo ClearPass Exchange Intro Examples General HTTP Palo Alto Firewall Configuration Case Study Objectives Discussion Advanced Labs Overview

Start running Paid Ads on social media, and reach more customers than ever before!

Duration 4 Days 24 CPD hours This course is intended for This four-day course is intended for Windows Server Hybrid Administrators who have experience working with Windows Server and want to extend the capabilities of their on-premises environments by combining on-premises and hybrid technologies. Windows Server Hybrid Administrators implement and manage on-premises and hybrid solutions such as identity, management, compute, networking, and storage in a Windows Server hybrid environment. This course teaches IT Professionals how to manage core Windows Server workloads and services using on-premises, hybrid, and cloud technologies. The course teaches IT Professionals how to implement and manage on-premises and hybrid solutions such as identity, management, compute, networking, and storage in a Windows Server hybrid environment. Prerequisites Experience with managing Windows Server operating system and Windows Server workloads in on-premises scenarios, including AD DS, DNS, DFS, Hyper-V, and File and Storage Services Experience with common Windows Server management tools (implied in the first prerequisite). Basic knowledge of core Microsoft compute, storage, networking, and virtualization technologies (implied in the first prerequisite). Experience and an understanding of core networking technologies such as IP addressing, name resolution, and Dynamic Host Configuration Protocol (DHCP) Experience working with and an understanding of Microsoft Hyper-V and basic server virtualization concepts Basic experience with implementing and managing IaaS services in Microsoft Azure Basic knowledge of Azure Active Directory Experience working hands-on with Windows client operating systems such as Windows 10 or Windows 11 Basic experience with Windows PowerShell 1 - Introduction to AD DS Define AD DS Define users, groups, and computers Define AD DS forests and domains Define OUs Manage objects and their properties in AD DS 2 - Manage AD DS domain controllers and FSMO roles Deploy AD DS domain controllers Maintain AD DS domain controllers Manage the AD DS Global Catalog role Manage AD DS operations masters Manage AD DS schema 3 - Implement Group Policy Objects Define GPOs Implement GPO scope and inheritance Define domain-based GPOs Create and configure a domain-based GPO Define GPO storage Define administrative templates 4 - Manage advanced features of AD DS Create trust relationships Implement ESAE forests Monitor and troubleshoot AD DS Create custom AD DS partitions 5 - Implement hybrid identity with Windows Server Select a Microsoft Entra integration model Plan for Microsoft Entra integration Prepare on-premises Active Directory for directory synchronization Install and configure directory synchronization with Microsoft Entra Connect Implement Seamless Single Sign-On Enable Microsoft Entra login in for Windows VM in Azure Describe Microsoft Entra Domain Services Implement and configure Microsoft Entra Domain Services Manage Windows Server 2019 in a Microsoft Entra Domain Services environment Create and configure a Microsoft Entra Domain Services instance Join a Windows Server VM to a managed domain 6 - Deploy and manage Azure IaaS Active Directory domain controllers in Azure Select an option to implement directory and identity services using Active Directory Domain Services in Azure Deploy and configure Active Directory Domain Services domain controllers in Azure VMs Install a replica Active Directory domain controller in an Azure VM Install a new Active Directory forest on an Azure VNet 7 - Perform Windows Server secure administration Define least privilege administration Implement delegated privileges Use privileged access workstations Use jump servers 8 - Describe Windows Server administration tools Explore Windows Admin Center Use Server Manager List Remote Server Administration Tools Use Windows PowerShell Use Windows PowerShell to remotely administer a server 9 - Perform post-installation configuration of Windows Server List the available post-installation configuration tools Configure Server Core using Sconfig Use DSC to configure Windows Server Perform post-installation configuration with Windows Admin Center Configure a server with answer files 10 - Just Enough Administration in Windows Server Explain the concept of Just Enough Administration (JEA) Define role capabilities for a JEA endpoint Create a session configuration file to register a JEA endpoint Describe how JEA endpoints work to limit access to a PowerShell session Create and connect to a JEA endpoint Demonstration: Connect to a JEA endpoint 11 - Administer and manage Windows Server IaaS Virtual Machine remotely Select the appropriate remote administration tool Manage Windows Virtual Machines with Azure Bastion Create an Azure Bastion host Configure just-in-time administration 12 - Manage hybrid workloads with Azure Arc Describe Azure Arc Onboard Windows Server instances Connect hybrid machines to Azure from the Azure portal Use Azure Arc to manage Windows Server instances Restrict access with RBAC 13 - Configure and manage Hyper-V Define Hyper-V Define Hyper-V Manager Configure Hyper-V hosts using best practices Configure Hyper-V networking Assess advanced Hyper-V networking features Define nested virtualization 14 - Configure and manage Hyper-V virtual machines List the virtual machine configuration versions List the virtual machine generation versions List available VHD formats and types Create and configure VMs Determine storage options for VMs Define shared VHDs and VHD Sets Implement guest clusters using shared VHDX 15 - Secure Hyper-V workloads Define guarded fabric Define the Host Guardian Service Explore TPM-trusted attestation Define KPS Determine key features of shielded VMs Compare encryption-supported and shielded VMs in a guarded fabric Implement a shielded VM 16 - Run containers on Windows Server Define containers List the differences between containers and VMs Define Windows Server and Hyper-V containers and isolation modes Explore Docker Prepare a Windows Server 2019 host for container deployment Security, Storage, and Networking with Windows containers 17 - Orchestrate containers on Windows Server using Kubernetes Define orchestration Define Kubernetes Deploy Kubernetes resources Create a Kubernetes cluster on Windows Define Azure Arc Connect an Azure Arc-enabled Kubernetes cluster to Azure Arc 18 - Plan and deploy Windows Server IaaS Virtual Machines Describe Azure compute Describe Virtual Machine storage Deploy Azure Virtual Machines Create a windows Virtual Machine using the portal Create a windows Virtual Machine using Azure CLI Deploy Azure Virtual Machines using templates Describe additional management optimization options 19 - Customize Windows Server IaaS Virtual Machine images Create a generalized image Create a new Virtual Machine from a managed image Create a managed image of a generalized virtual machine in Azure Create a Virtual Machine from a managed image Implement Azure Image Builder Create a windows Virtual Machine using Azure Image Builder template Create a Windows Virtual Machine with Azure Image Builder using PowerShell 20 - Automate the configuration of Windows Server IaaS Virtual Machines Describe Azure Automation Implement Azure Automation with DSC Remediate noncompliant servers Describe Custom Script Extensions Configure a Virtual Machine by using DSC 21 - Deploy and manage DHCP Use DHCP to simplify IP configuration Install and configure the DHCP role Configure DHCP options Configure DHCP scopes Select DHCP high availability options Implement DHCP Failover 22 - Implement Windows Server DNS Explore the DNS architecture Work with DNS zones and records Install and configure the DNS role Implement DNS forwarding 23 - Implement IP Address Management Define IP Address Management Deploy IP Address Management Administer IP Address Management Configure IP Address Management options Manage DNS zones with IP Address Management Manage DHCP servers with IP Address Management Use IP Address Management to manage IP addressing 24 - Implement remote access Examine the remote access options in Windows Server Select and set up VPNs Use NPS to create and enforce network access policies Plan and implement NPS Deploy a PKI for remote access Use WAP as a reverse web proxy 25 - Implement hybrid network infrastructure Describe Azure network topologies Implement Azure VPN options Create a route-based VPN gateway using the Azure portal Implement Azure ExpressRoute Configure Azure Virtual WAN Implement DNS in hybrid environments 26 - Implement DNS for Windows Server IaaS VMs Understand Azure DNS Implement Azure DNS Create an Azure DNS zone and record using the Azure portal Implement DNS with Azure IaaS virtual machines Implement split-horizon DNS in Azure Troubleshoot DNS 27 - Implement Windows Server IaaS VM IP addressing and routing Implement a virtual network Implement IaaS VM IP addressing Assign and manage IP addresses Configure a private IP address for a virtual machine using the Azure portal Create a virtual machine with a static public IP address using the Azure portal Implement IaaS virtual machine IP routing Implement IPv6 for Windows Server IaaS virtual machines 28 - Manage Windows Server file servers Define the Windows Server file system List the benefits and uses of File Server Resource Manager Define SMB and its security considerations Configure SMB protocol Define Volume Shadow Copy Service 29 - Implement Storage Spaces and Storage Spaces Direct Define the Storage Spaces architecture and its components List the functionalities, benefits, and use cases of Storage Spaces Implement Storage Spaces List the functionalities, components, benefits, and use cases of Storage Spaces Direct Implement Storage Spaces Direct 30 - Implement Windows Server Data Deduplication Define the architecture, components, and functionality of Data Deduplication Define the use cases and interoperability of Data Deduplication Implement Data Deduplication Manage and maintain Data Deduplication 31 - Implement Windows Server iSCSI List the functionalities, components, and use cases of iSCSI List the considerations for implementing iSCSI Implement iSCSI Configure high availability for iSCSI 32 - Implement Windows Server Storage Replica List the functionalities and components of Storage Replica Examine the prerequisites for implementing Storage Replica Implement Storage Replica by using Windows Admin Center Implement Storage Replica by using Windows PowerShell 33 - Implement a hybrid file server infrastructure Describe Azure File services Configure Azure Files Configure connectivity to Azure Files Describe Azure File Sync Implement Azure File Sync Deploy Azure File Sync Deploy Azure File Sync 2 Manage cloud tiering Migrate from DFSR to Azure File Sync