2015 NY Metro Joint Cyber Security Workshop “PowerShell for Auditing and Security”

Spotlight on   PowerShell for Auditing and Security.” workshop speaker Guy Herman

PowerShell for Auditing and Security

PowerShell is a remarkably powerful tool that can be used by administrators to automate many aspects of their environment.  PowerShell really starts to shine when used to audit and secure a Microsoft Windows ecosystem.  Starting with an introduction to PowerShell, this brief overview explores PowerShell and exposes how it can be used to help secure Windows.  This one-day session covers PowerShell from beginning to end, exposing participants to the wide range of tools available through PowerShell.

Starting with the basics of using the shell and cmdlets along with the included help system, we examine the command syntax, command discovery, and how to work with the PowerShell Pipeline.  We then progress into some of the many things you can do with PowerShell right now to audit and secure your environment.  We then delve into some of the more sophisticated aspects of PowerShell and how it can be best used by Windows Administrators.  You will be exposed to the Desired State Configuration tool, as well as Best Practices and specialized techniques for auditing and securing your environment.

This session is packed full of Hands-On-Labs to demonstrate just how easy to use and powerful PowerShell really is:

  • Lab: Configuring Windows PowerShell
    • · PowerShell Console Application
    • · PowerShell ISE Application
  • Lab: Finding and Running Basic Commands
    • · Finding Commands
    • · Running Commands
    • · Using “About” Files
  • Lab: Using the Pipeline
    • · Selecting and Sorting Data
  • Lab: Converting, Exporting, and Importing Objects
    • · Converting Objects
    • · Importing and Exporting Objects
  • Lab: Filtering Objects
    • · Filtering Objects
  • Lab: Enumerating Objects
    • · Enumerating Objects
  • Lab: Working with Pipeline Parameter Binding
    • · Predicting Pipeline Behavior
  • Lab : Formatting Output
    • · Formatting Command Output
    • · Reproducing Specified Output
  • Lab : Working with WMI and CIM
    • · Querying Information by Using WMI
    • · Querying Information by Using CIM
    • · Invoking Methods
  • Lab : Moving From Command to Script
    • · Test the Command
    • · Parameterize Changing Values
    • · Add Verbose Output
    • · Add Comment-Based Help
  • Lab : Moving From Script to Function to Module
    • · Convert the Script to a Function
    • · Save the Script as a Script Module
    • · Add Debugging Breakpoints
  • Lab : Implementing Basic Error Handling
    • · Add Error Handling to a Function
    • · Add Error Handling to a New Function
  • Lab : Creating an Advanced Function
    • · Test an Existing Command
    • · Create a Parameterized Function
    • · Handle Multiple Targets
    • · Add Error Handling
  • Lab : Using Basic Remoting
    • · Enable Remoting on the Local Computer
    • · Performing One-to-One Remoting
    • · Performing One-to-Many Remoting
  • Lab : Using Remoting Sessions
    • · Using Implicit Remoting
    • · Multicomputer Management
  • Lab: Desired State Configuration
    • · Enabling or disabling server roles and features (like IIS)
    • · Managing registry settings
    • · Managing files and directories
    • · Starting, stopping, and managing processes and services
    • · Managing groups and user accounts
    • · Managing environment variables
  • Lab : Documenting Servers and Workstations
    • · Finding the Right Script
    • · Performing the Inventory
  • Lab : Auditing User Passwords

Come and learn what PowerShell can do for you, and how you can use it to audit and secure your Windows ecosystem.

This session  will be offered as a pre-conference workshop on Tuesday, October 13th at

NY Seminar and Conference Center
71 West 23rd Street
Chelsea Center
New York City, NY 10010

Register here this will sell out and no walking will be allowed