Teaching plan
Weekly schedule
Along with each weekly topic and its readings, you'll find a list of keywords. These keywords are intended to give you a quick overview of what we're covering each week and to help you easily review whether you're familiar with the material we’ve discussed. Also, please note: The slides I use during lectures are the same figures included in the compendium. You do not need to ask me to publish my slides -- they are already available in the compendium as the box-framed figures.
| Week | Topic and Readings | Additional info |
|---|---|---|
| 2 | Introduction: NSM Grunnprinsipper, Cloud Computing and OpenStack (compendium chp 1.1 - 1.4). Keywords: NSM, DevOps/DevSecOps, git, public vs private cloud, IaaS-PaaS-SaaS, dynamic, self-service, pay-as-you-go, privacy and asset management, OpenStack components, what is OpenStack, orchestration. Lab tutorials, Review questions and problems. Lectures: 0 How to get started with the practical work; Lab tutorial chp 1; chapter 1 part 1 NSM, DevOps and Cloud Computing | |
| 3-4 | PowerShell (compendium chp 1.5 - 1.6). Keywords: versions, ExecutionPolicy, cmdlet, parameter, alias, help, Get-Alias, Get-ChildItem, Get-Help, Get-Service, Select-String, drive, profile, variable, namespace, environment, Get-PSDrive, Get-Content, Write-Output, object/property/method, Resolve-DnsName, pipeline, Select-Object, Get-Process, Where-Object, $_, Format-List, Format-Table, Out-File, Export-Csv, ForEach-Object, Sort-Object, Get-Date, Measure-Object, Compare-Object, Get-LocalUser, if-tests, modules, Find-Module, Install-Module, Get-WindowsUpdate, here-string, scripts, call operator, Invoke-ScriptAnalyzer. Lab tutorials, Review questions and problems. Lectures: chapter 1 part 2 Intro to PowerShell and cmdlets; chapter 1 part 3 Drives, namespace and variables; chapter 1 part 4 Objects; chapter 1 part 5 Common constructs; chapter 1 part 6 Modules and scripts | OBLIG 1 |
| 5 | Windows Server (compendium chp 2). Keywords: process and thread, what is a service, kinds of services, svchost, user vs system account, registry, WMI, roles and features, Sysinternals, Chocolatey, cmd vs PowerShell. Lab tutorials, Review questions and problems. Lectures: chapter 2 Windows Server | OBLIG 1 |
| 6 | Storage, Backup and Restore (compendium chp 3). Keywords: file- vs block-level, file metadata vs data, disk/partition/volume, ACL/ACE, NSM chp 2.9, why backup?, ransomware, what to backup?, ignore files, B-MAC, Restic, Immutable, full/partial/differential/incremental, dump level, 3-2-1 backup, permissions/privileges, NSM measure 2.6.5, "files in use" and VSS, compression/encryption/deduplication, verify, restore. Lab tutorials, Review questions and problems. Lectures: chapter 3 part 1 Data storage; chapter 3 part 2 Backup: what and why; chapter 3 part 3 Backup architecture, plan, permissions and practice; chapter 3 part 4 Backup properties, verification, monitoring and restore | OBLIG 1 deadline Feb 4th |
| 7 | Git, markdown and CI/CD (compendium chp 4). Keywords: config, init, workflow, file states, commit/versions, conventional commits, log, working areas, conflicts, basic-extended-GitLab/GitHub Markdown, DevOps, CI/CD, pipeline. Lab tutorials, Review questions and problems. Lectures: chapter 4 Git; chapter 4 Lab tutorial | |
| 8 | Active Directory: DNS, LDAP and Kerberos (compendium chp 5). Keywords: RFC, TLD, ICANN, NORID, resolver/cache vs authoritative server, Bind, dig, nslookup, Resolve-DnsName, domain vs zone, FQDN, LDH-rule, resource records (RRs), SOA-NS-MX-A-CNAME-PTR-SRV, root-servers, name-type-value-TTL, recursive vs iterative, hosts-file, Get-DnsClientServerAddress, Get-DnsClientCache, DHCP, dynamic DNS, attributes/properties, read-write ratio, distinguished name (DN), relative distinguished name (RDN), DC, OU, CN, Get-ADObject, ldapsearch, schema, objectClass, atomic, FEIDE, centralized authentication, single sign-on (SSO), port 389, StartTLS, Key Distribution Center (KDC), authentication server (AS), ticket-granting server ticket (TGS ticket), service principal name (SPN), ticket-granting-ticket (TGT), golden ticket, silver ticket, kerberoasting. Lab tutorials, Review questions and problems. Lectures: chapter 5 part 1 DNS 1; chapter 5 part 2 DNS 2; chapter 5 part 3 LDAP; chapter 5 part 4 Kerberos; chapter 5 Lab Tutorial part 1; chapter 5 Lab Tutorial part 2 bonus | |
| 9 | Active Directory: Design and Implementation (compendium chp 6). Keywords: Windows domain, domain controller, forest-tree-domain, replication, perimeter security vs zero trust, identity and access management, asset management, policy-based configuration management, organizational unit (OU), OU-container-group, RootDSE, users, computers, computer accounts (machine accounts), group policy objects (GPOs), site, New-ADOrganizationalUnit, Get-ADComputer, Move-ADComputer, Import-Csv, New-ADUser, Get-ADUser, AGDLP, distribution vs security groups, universal vs global vs domain local groups, SID, Builtin, New-ADGroup, Add-ADGroupMember, Get-ADGroupMember, Add-LocalGroupMember, Get-LocalGroupMember. Lab tutorials, Review questions and problems. Lectures: chapter 6 part 1 AD Intro; chapter 6 part 2 AD OU and users; chapter 6 part 3 AD Access control | |
| 10 | Remoting, Config Management and Group Policy (compendium chp 7). Keywords: push vs pull, ports 22, 135, 137, 139, 443, 445, 5985, 5986, WSMan (WinRM), Enter-PSSession, Invoke-Command, New-PSSession, Get-PSSession, Remove-PSSession, SMB, file share, NETLOGON, SYSVOL, UNC, Get-SmbShare, Get-SmbShareAccess, gpsvc, gpupdate, gpresult, Invoke-GPUpdate, Get-GPOReport, local group policy, processing order, software settings, windows settings, administrative templates, notconfigured-enabled-disabled, Get-GPO, New-GPLink, settings vs preferences, security baseline, gpedit-gpme-gpmc, psexec, Intune, Endpoint Configuration Manager. Lab tutorials, Review questions and problems. Lectures: chapter 7 part 1 Push Pull, PowerShell Remoting; chapter 7 part 2 Group Policy 1; chapter 7 part 3 Group Policy 2; chapter 7 part 4 PsExec, DSC, ssh, Intune | OBLIG 2 |
| 11 | OBLIG 2: "AD/PowerShell project in Git" | OBLIG 2 Deadline Sunday March 15th 23:59 |
| 12 | Software Package Management (compendium chp 8). Keywords: executables, libraries, licenses, Get-WindowsFeature, Get-WindowsCapability, Win32_Product, Get-Package, Get-HotFix, msi-msix-msu-appx, choco-scoop-appget-winget-ninite, npm-pypi-ppm-rubygems, installer vs package manager, patch tuesday, one-some-many, updates vs fresh install, supply chain attack, typosquatting, account hijacking, social engineering, replay attack, freeze attack, metadata manipulation attack, endless data attack, CVE, NVD, CVSS, Mitre Att&ck, WSUS, PackageManagement/OneGet. Lab tutorials, Review questions and problems. Lectures: chapter 8 part 1 What is software; chapter 8 part 2 Supply Chain; chapter 8 part 3 The framework and the process | |
| 13,15 | Logging and Monitoring (compendium chp 9). Keywords: periodic/accumulating counters, counterset, counter, instance, path, single-instance/multi-instance counters, Get-Counter, Get-CimInstance, raw vs secondary value, CookedValue, Windows Admin Center, log events, event provider, event log, event type, EventID, log mode, timestamp, hostname, process name/source, message, Application, Security, System, Get-WinEvent, log levels (Verbose, Informational, Warning, Error, Critical, LogAlways), regex, wildcards, special characters, Select-String, anchoring, grouping, modifiers/quantifiers/repetition operators, matches array, message field structure. Lab tutorials, Review questions and problems. Lectures: chapter 9 part 1 Numeric data; chapter 9 part 2 Log events; chapter 9 part 3 RegEx 1; chapter 9 part 4 RegEx 2 | OBLIG 3: Attend in person at the lab on Wednesday at 08:15 in week 15 or week 16 |
| 16 | Security: Attacks and Defenses (compendium chp 10 and 11). Keywords: cyber kill chain, Mitre Att&ck Matrix, adversary group, APT, TTPs (tactics, techniques, procedures), sub-technique, mitigation, data source, detection, CAPEC, Att&ck Navigator, Atomic red team, Invoke-AtomicTest, BloodHound, SharpHound, Mitre D3fend, harden, detect, isolate, deceive, evict, Defender. Lab tutorials, Review questions and problems. Lectures: chapters 10 and 11 part 1 Mitre Attack; chapters 10 and 11 part 2 Mitre Attack and Defend | OBLIG 3: Attend in person at the lab on Wednesday at 08:15 in week 15 or week 16 |
| 17 | Infrastructure Orchestration (compendium chp 12). Keywords: repeatability and consistency, imperative vs declarative, domain-specific language, YAML and JSON, Heat, CloudFormation, ARM templates, Cloud Deployment Manager, Terraform, HCL, Heat version/parameter/resources/outputs, stack, configuration definition file, resource dependencies, conditions, iteration, boot scripts, nested stacks, openstack stack commands. Lab tutorials, Review questions and problems. Lectures: chapter 12 Orchestration | |
| 18 | Repetition, Exam info | |
| 22 | Digital exam May 27th 09:00-12:00 (no aids allowed, but access to a Linux PowerShell environment will be provided) | |