Windows Hardening Clinic: Bootcamp Unit
RCCE students will learn Windows endpoint security including OS hardening, Group Policy configuration, Windows Defender features, registry security, PowerShell security, and Windows logging architecture. RCCE students will learn to harden Windows operating systems following CIS Benchmarks and STIG guidelines, configure Group Policy for security enforcement, manage Windows Defender Antivirus, Firewall, and Exploit Guard, secure PowerShell execution environments, implement Windows event log collection for security monitoring, detect and investigate Windows-based attacks including credential theft, lateral movement, and persistence techniques, and manage Windows security updates and patch deployment. This hands-on hardening course focuses on reducing attack surface through practical configuration changes and security guardrails. At an expert level, RCCE students will learn to apply hardening baselines, validate configurations, and measure the security improvement achieved. Students walk away with actionable hardening checklists and the skills to maintain hardened configurations as environments evolve.
- Endpoint Security Engineers and EDR Analysts
- Windows and macOS Administrators managing privileges
- Identity and Access Management Engineers
- IT Security Operations Leads reducing attack surface
- Professionals implementing Windows Hardening Clinic: Bootcamp Unit
- Execute hands-on tasks for windows hardening clinic
- Execute hands-on tasks for bootcamp unit
- Execute hands-on tasks for harden windows endpoints — covering Apply CIS Benchmarks and STIG baselines.
- Execute hands-on tasks for configure security enforcement — covering Master Group Policy for security, Deploy Defender AV, Firewall, Exploit Guard, Secure PowerShell execution environments.
- Execute hands-on tasks for master group policy for security — covering Deploy Defender AV, Firewall, Exploit Guard, Secure PowerShell execution environments.
- Execute hands-on tasks for deploy defender av, firewall, exploit guard — covering Secure PowerShell execution environments.
- Monitor and audit privilege usage; detect escalation attempts, including Windows event log collection.
- Execute hands-on tasks for respond and maintain — covering Integrate with IR playbooks.
- Execute hands-on tasks for topic map: 18 subtopics
- Execute hands-on tasks for 01 windows attack surface analysis
- Execute hands-on tasks for 03 group policy security configuration
- Execute hands-on tasks for 04 windows defender antivirus
| Module 01 | Windows Hardening Clinic |
| Module 02 | Bootcamp Unit |
| Module 03 | Harden Windows Endpoints |
| Module 04 | Configure Security Enforcement |
| Module 05 | Master Group Policy for security |
| Module 06 | Deploy Defender AV, Firewall, Exploit Guard |
| Module 07 | Monitor and Detect Threats |
| Module 08 | Respond and Maintain |
| Module 09 | Topic Map: 18 Subtopics |
| Module 10 | 01 Windows Attack Surface Analysis |
| Module 11 | 03 Group Policy Security Configuration |
| Module 12 | 04 Windows Defender Antivirus |
| Module 13 | 05 Windows Defender Firewall |
| Module 14 | 06 Windows Defender Exploit Guard |
All hands-on labs run on Rocheston Rose X OS. Students practice windows hardening clinic: bootcamp unit by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for windows hardening clinic
- Lab 2: Execute hands-on tasks for bootcamp unit
- Lab 3: Execute hands-on tasks for harden windows endpoints
- Lab 4: Execute hands-on tasks for configure security enforcement
- Lab 5: Execute hands-on tasks for master group policy for security
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Windows Hardening Clinic: Bootcamp Unit, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI