Auditing IIS Web Servers for Security and Best Practices

Cyber-attacks are on the rise. Microsoft IIS is used to serve web sites around the world. This course will teach you how to audit your server's security and mitigate common insecure configurations as well as reduce your attack surface.
Course info
Rating
(28)
Level
Intermediate
Updated
September 22, 2016
Duration
1h 40m
Table of contents
Description
Course info
Rating
(28)
Level
Intermediate
Updated
September 22, 2016
Duration
1h 40m
Description

With more services being offered online and the growing electronic storage of personal data, cyber-attacks are also on the rise. Installing a web server may be as easy as a few simple clicks, but is it safe? In this course, Auditing IIS Web Servers for Security and Best Practice, you'll learn how to audit your web server's system security and how to reduce the risk of your site and data being compromised. First, you'll learn how to audit your HTTPS usage and lower your attack surface. Then, you'll learn how to protect against well-known vulnerabilities. Finally, you'll learn how to build a rock-solid configuration that draws upon best practices and mitigation techniques against common attacks. Upon course completion, you'll have the skills and knowledge to audit and secure your web server against online threats.

About the author
About the author

Peter has over 10 years’ experience with different industry sectors in improving and streamlining infrastructure with a focus on system security and has helped businesses comply with industry standards such as PCI DSS and ISO 27001.

Transcript
Transcript

Hi everyone, my name is Peter Kyrannis and welcome to my course Auditing IIS Web Servers for Security and Best Practice.
I am a Technical Consultant at CloudShield. 
IIS is one of the most common web server platforms on the internet. With that being the case, it's also commonly a target for hackers.
This course is an insight into the methods of identifying weak configurations and how to mitigate them for a secure web server. 
Some of the major topics that we will cover include

  • 1. SSL certificates and HTTPS usage
  • 2. Attack surface and common attacks such as SQL injection
  • 3. Common vulnerability mitigation
  •  
  • 4. IIS segregation and least privledge

By the end this course, you値l know how to audit your web server's security and how to implement best practice.
Before beginning the course you should be familiar with basic windows administration and how to install IIS.
I hope you'll join me on this journey to learn about secure web server configuration with the Auditing IIS Web Servers for Security and Best Practice course, at Pluralsight.