๐Ÿ“ Notes

Windows Fundamentals 1

  • Introduction to Windows
  • Windows Editions
  • The Desktop (GUI)
  • The File System
    • FAT, HPFS, NTFS and Alternate Data Streams (ADS)
  • The Windows\System32 Folders
    • %windir% and System32
  • User Accounts, Profiles, and Permissions
  • User Account Control
  • Settings and the Control Panel
  • Task Manager

Windows Fundamentals 2

  • System Configuration
    • MSConfig (General, Boot, Services, Startup, Tools)
    • Change UAC Settings
    • User Account Control (UAC)
  • Computer Management
    • Computer Management (compmgmt), Event Viewer, Event Logs, Device Manager
  • System Information
    • System Information (msinfo32)
  • Resource Monitor
    • Resource Monitor (resmon)
  • Command Prompt
    • Command Prompt (cmd), hostname, whoami, ipconfig, /?, netstat, net, net user, net help user
  • Registry Editor
    • Registry Editor (regedit)

Windows Fundamentals 3

  • Windows Updates
  • Windows Security
  • Virus & threat protection
    • Manage settings (Real-time protection, Cloud-delivered protection, Automatic sample submission, Controlled folder access, Exclusions, Notifications)
    • Virus & threat protection updates (Check for updates)
    • Ransomware protection (Controlled folder access)
  • Firewall & network protection
    • Domain, Private, and Public network.
  • App & browser control
    • Exploit protection (Control flow guard (CFG), Data Execution Prevention (DEP), Force randomization for images (Mandatory ASLR))
  • Device security
    • Core isolation (Memory Integrity) and Security processor
    • Trusted Platform Module (TPM)
  • BitLocker
  • Volume Shadow Copy Service
    • Create a restore point
    • Perform system restore
    • Configure restore settings
    • Delete restore points

๐Ÿง Conclusions
The Windows Fundamentals 1–3 rooms were valuable even with my prior IT experience, as they reinforced and expanded my understanding of the Windows operating system from a security perspective. The modules provided structured insights into system configuration, user permissions, and built-in security tools like BitLocker, Defender, and the Windows Registry. Revisiting these topics helped me connect previous hands-on experience with core Blue Team concepts, making it easier to identify and interpret potential threats in a SOC environment.