Windows for Beginners
RCCE students will learn Windows endpoint security including OS hardening, Group Policy configuration, Windows Defender features, registry security, PowerShell security, and Windows logging architecture. RCCE students will learn to harden Windows operating systems following CIS Benchmarks and STIG guidelines, configure Group Policy for security enforcement, manage Windows Defender Antivirus, Firewall, and Exploit Guard, secure PowerShell execution environments, implement Windows event log collection for security monitoring, detect and investigate Windows-based attacks including credential theft, lateral movement, and persistence techniques, and manage Windows security updates and patch deployment. Designed for students with no prior experience in this area, this course builds knowledge from the ground up with clear explanations, guided demonstrations, and progressive skill-building. Starting from foundational concepts, RCCE students will learn core concepts through practical examples that connect theory to real-world security operations. By completion, students will have the foundational knowledge and hands-on confidence needed to contribute in professional cybersecurity roles.
- Endpoint Security Engineers and EDR Analysts
- Windows and macOS Administrators managing privileges
- Identity and Access Management Engineers
- IT Security Operations Leads reducing attack surface
- Professionals implementing Windows for Beginners
- Execute hands-on tasks for endpoint security fundamentals
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will learn — covering Windows OS hardening fundamentals, Group Policy security configuration.
- Execute hands-on tasks for windows os hardening fundamentals — covering Group Policy security configuration.
- Execute hands-on tasks for course structure — covering 4 credit hours of instruction, Beginner-friendly approach.
- Execute hands-on tasks for learning objectives
- Execute hands-on tasks for harden & configure
- Monitor and audit privilege usage; detect escalation attempts
- Execute hands-on tasks for respond & recover — covering Apply CIS Benchmarks to.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for kernel mode components — covering Hardware Abstraction Layer (HAL).
- Execute hands-on tasks for user mode components — covering Win32 subsystem and APIs.
| Module 01 | Endpoint Security Fundamentals |
| Module 02 | Course Overview |
| Module 03 | What You Will Learn |
| Module 04 | Windows OS hardening fundamentals |
| Module 05 | Course Structure |
| Module 06 | Learning Objectives |
| Module 07 | Harden & Configure |
| Module 08 | Defend & Monitor |
| Module 09 | Respond & Recover |
| Module 10 | Windows OS Architecture |
| Module 11 | Kernel Mode Components |
| Module 12 | User Mode Components |
| Module 13 | Windows Security Model |
| Module 14 | Access Control Lists (ACLs) |
All hands-on labs run on Rocheston Rose X OS. Students practice windows for beginners by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for endpoint security fundamentals
- Lab 2: Explain Course Overview fundamentals
- Lab 3: Execute hands-on tasks for what you will learn
- Lab 4: Execute hands-on tasks for windows os hardening fundamentals
- Lab 5: Execute hands-on tasks for course structure
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Windows for Beginners, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI