BlackBelt - Securing Windows 10/11 and Server 2016/2019

Gartner has said that one of the most needed changes in enterprise security is to move to a least privilege approach, whitelisting of applications and overall proactive security. Microsoft said in February 2018 that 85% of all security threats would have been mitigated by moving to proactive security.

Join this four-day workshop by Sami Laiho, one of the world’s leading Windows Security experts and make sure you are prepared for the future. During this hands-on training, you will see why proactive security is mandatory and also learn to implement it in practice.

Target audience: The course is intended for administrators and security professionals, who want to ensure their environments are prepared for the new security era, where traditional security measures like anti-malware are not effective anymore, and who want to make the best out of what Windows 10/11 and Server 2019 have to offer. 

Prerequisites to the course (recommended): Basic experience with Windows Administration, Basic understanding of Active Directory, Basic understanding of networking infrastructure.

After completing this course, students understand how:

  • to secure the Windows OS;
  • BitLocker works;
  • to use Baselines;
  • to achieve the Principle of Least Privilege;
  • to build Directory Tiering;
  • to deploy Allow-Listing;
  • Shielded VMs work.

Course topics:

Day 1

  • introduction to the current and future state of IT security;
  • the showcase of how Windows really gets hacked;
  • implementing hard disk encryption – Building a BulletProof BitLocker;
  • implementing shielded VMs and Virtual TPMs;
  • cornerstones of Windows Security – How the Security Subsystem really Works;
  • using Baselines to protect clients and servers (and how to fix Microsoft’s broken default ones).

 Day 2

  • implementing the principle of least privilege – getting rid of admin rights;
  • correct use of different levels of admin accounts in an enterprise;
  • why and how to use UAC effectively;
  • using containers and Windows Defender Application Guard to increase security;
  • server 2016/2019 Bastion/Red/ESAE forests and how to secure Active Directory;
  • protecting infrastructure services like DHCP, DNS and AD DCs.

Day 3

  • mitigating Pass-The-Hash attacks and whatever Mimikatz can do to you;
  • implementing Credential Guard and other Secure Kernel Technologies;
  • getting rid of the lateral movement of admin accounts – Implementing a three-tier infrastructure;
  • correct decisions when choosing secure hardware in the future;
  • moving to Biometrics and Two-Factor Authentication.

Day 4

  • implementing the PAW – Privileged Access Workstation;
  • securely managing Servers;
  • protections RDP-connections;
  • implementing Whitelisting in Windows;
  • AppLocker and Device Guard in Windows 10/11;
  • implementing REALISTIC Security in REAL life – comparing Office desktops to workstations that can launch missiles.

The training takes place 9:30-16:45 at Vana-Lõuna 39/1, Tallinn. You can park in the Europark parking lot at Veerenni 36, EP63. 

Length: 32 academic hours

Continuing Education Curriculum Group: 0612 Database and Network Design and Administration

The training price also includes:

  • hot drinks with cookies;
  • fresh fruits;
  • teaching materials;
  • a trainer's consultation on the topics learned by e-mail after the training;
  • a certificate. 

Participants who have completed the training will be issued a certificate. The prerequisite for issuing a certificate is full participation in training and achievement of learning outcomes. The acquisition of learning outcomes is assessed during the training through practical assignments.

For participants who have not achieved the learning outcomes, a certificate of attendance will be issued upon request.

BlackBelt trainer is Sami Laiho

Sami Laiho is one of the world’s leading professionals in the Windows OS and Security. Sami has been working with and teaching OS troubleshooting, management, and security since 1996.

In 2019 Sami was chosen by TiVi-magazine as one of the top 100 influencers in IT in Finland. He is the 11th most followed person in his field in Finland.

At Ignite 2018, Sami’s “Behind the Scenes: How to build a conference winning session” and “Sami Laiho: 45 Life Hacks of Windows OS in 45 minutes” sessions were ranked as #1 and #2 out of 1708 sessions!! This was the first time in the history of the conference that anyone has been able to do this.
Before that, at Ignite 2017, the world’s biggest Microsoft event, Sami was evaluated as the Best External Speaker! Also, Sami’s sessions were evaluated as the Best session in TechEd North America, Europe and Australia in 2014, and Nordic Infrastructure Conference in 2016, 2017 and 2019.

Course feedback: 


"Väga informatiivne ja sisukas koolitus. Koolitusel sisu oli turvalisus, turvalisus, turvalisus. Väga hea koolitaja, head näited."


"Koolitus ei olnud üksluine lugemine, klickimine jms. Toodi näiteid elust ja praktikast. Saime ise olulisemad aspekid koos näidetega läbi teha. Sami Laiho on oma ala spetsialist. Väga tugev kõneleja ja hinnatud turvaspetsialist. Tema koolitustest võtaks tulevikus kindlasti veel osa."


Koolitus toimub aadressil Vana-Lõuna 39/1, Tallinn, IT Koolituse ruumides. Parkida saab Europarki parklas Veerenni 36, EP63.

09:30 - 11:00 koolitus
11:00 - 11:15 paus
11:15 - 12:45 koolitus
12:45 - 13:30 lõuna
13:30 - 15:00 koolitus
15:00 - 15:15 paus
15:15 - 16:45 koolitus


Registreerudes e-poe, e-kirja või telefoni teel, saadame Teile arve ja täpsema info osalemise kohta.
Üksteist päeva enne koolitust saadame Teile e-kirjaga meenutuse osalemise infoga.

Koolitusel osalemine on nimeline, kuid saate osalejat tasuta muuta kuni koolituse alguseni.

Koolituse eest tasumine toimub arvel viidatud arveldusarvele. Arve saadetakse maksja aadressile e-postiga. Arve tuleb tasuda enne koolituse algust arvel märgitud maksetähtajaks.

IT Koolitus on Eesti Töötukassa koolituskaardi koostööpartner. Tutvuge koolituskaardi infoga SIIN.
Täpsema info saamiseks võtke meiega ühendust telefonil 618 1727 või [email protected].


Kui te ei saa mingil põhjusel koolitusel osaleda, palun andke sellest teada e-posti aadressil [email protected]. Kui teatate mitteosalemisest vähemalt 7 kalendripäeva ette, lepime Teiega kokku uue aja või tagastame 100% koolituse maksumusest. Tagastame koolituse osalustasu täismahus juhul, kui pole tehtud koolituse korraldamisega seotud kulutusi (ostetud õppematerjale jms). Koolitusele mitteilmumisel, sellest mitteteatamisel või koolituse poolelijätmisel õppetasu ei tagastata.