Windows 10/11 Workstation Security Training Course – Best Practices, Hardening and Threat Prevention
- Price
- Duration
- Number of Hours
Each session will take place even if only one person is registered (except in cases of force majeure).
Description of the Windows 10/11 Workstation Security Training Course
This training course provides you with the keys to effectively securing Windows 10 and 11 workstations : from the fundamentals to advanced hardening techniques. It is aimed at IT administrators, security managers, workstation technicians and digital advisors.
Windows workstations are a prime target for cyberattacks. Without clear security policies and well-configured tools, the risks of ransomware, data leaks, or intrusions increase significantly. Also discover our Microsoft Intune Training Course and our Administering Windows 11 Training Course.
Format
Remote (recorded sessions).
GOOD TO KNOW
This training course includes numerous exercises (60% practical) to enhance learning. Each session will take place even if only one person is registered (except in cases of force majeure). A preliminary interview is held between the participant and/or a company representative in order to fully assess the participant’s profile (level, needs, professional context, challenges, etc.).
Assessment : during the training course, the trainer assesses the participants’ progress through multiple-choice questions, role-playing exercises and practical work. Participants receive a certificate of completion at the end of the training course.
This training course is part of our Workstations Training Courses. Discover our other workstation trainings to deploy, administer and secure your fleet of Windows endpoints.
objectives of the Description of the Windows 10/11 Workstation Security Training Course
By the end, each participant will be able to :
- Identify common vulnerabilities on Windows workstations
- Implement Microsoft security recommendations
- Configure BitLocker, Defender, SmartScreen, firewalls, updates
- Apply GPOs or usage restriction scripts
- Train users to adopt safe behaviours
- Strengthen local security without compromising productivity
Prerequisites
- Basic knowledge of the Windows environment (10 or 11)
- Understanding of user accounts, UAC, local security
- Experience in system administration or IT support desirable
Because each participant has a unique background and expectations, a preliminary interview with our expert allows us to precisely identify their objectives, level and professional challenges.
This enables us to tailor the training content to ensure relevant and personalised learning.
Target Audience
IT administrators, security managers, workstation technicians and digital workplace advisors.
Detailed of the Description of the Windows 10/11 Workstation Security Training Course
Risks and vulnerabilities on Windows workstations
Types of threats (malware, phishing, USB keys, shadow IT), business impact, real-life incident cases.
Authentication and Identity Security
Local accounts vs Microsoft Entra ID. Passwords, MFA and biometric security (Windows Hello). Session lockout and inactivity policies.
Data and System Protection
Encryption with BitLocker, USB copy protection, sensitive file management, recovery and TPM keys.
Microsoft Protection Tools
Microsoft Defender Antivirus & SmartScreen, Windows Firewall, Core Isolation, Virtualisation-Based Security (VBS), Application Guard.
Hardening of the workstation
PowerShell scripts, execution restrictions, port deactivation, security-specific GPOs, software restriction policies.
Awareness and good user practices
Phishing and social engineering, risky behaviour, alert messages, update management, ongoing training.
The advantages of this training course
- Pragmatic approach, focused on concrete risks and applicable solutions
- Takes into account real-world situations: microbusinesses, SMEs, local authorities, hybrid IT systems
- Suitable for IT teams or non-specialist security managers
- Compatible with local management or via Intune/GPO
FAQ – Windows 10/11 Workstation Security Training
How do I secure a Windows 10 or 11 workstation?
Securing Windows 10/11 involves enabling BitLocker disk encryption, requiring TPM 2.0 and Secure Boot, applying Microsoft security baselines (Windows Hardening Baseline), running Microsoft Defender or another EDR, restricting local admin via LAPS, applying least-privilege user accounts, configuring Windows Defender Application Control or Smart App Control, patching weekly, and limiting attack surface via ASR rules. MFE-IT trains administrators on the full Windows workstation hardening checklist.
What is Windows Defender Application Control?
Windows Defender Application Control (WDAC) is a Windows feature that lets administrators define exactly which executables, drivers, and scripts are allowed to run on managed devices — blocking everything else, including unknown malware. It is significantly stronger than traditional antivirus, but requires careful policy authoring. Through MFE-IT’s hands-on approach, learners design and deploy a WDAC policy on a sample environment during the training.
What is Microsoft LAPS?
Microsoft Local Administrator Password Solution (LAPS) automatically rotates the local administrator password on each Windows endpoint and stores the current password securely in Active Directory or Microsoft Entra ID — accessible only to authorized administrators. It eliminates the practice of using a single shared local admin password fleet-wide, a major attack vector. The MFE-IT Windows 10/11 Workstation Security training covers Windows LAPS deployment end to end.
Is Windows Defender enough?
Microsoft Defender Antivirus, paired with Microsoft Defender for Endpoint (the EDR component included in Microsoft 365 E5 / Defender for Business), is now considered enterprise-grade and consistently rated among the top EDRs in independent tests. For most organizations, replacing third-party AV with Defender simplifies licensing and integration. Our MFE-IT training course on Windows 10/11 Workstation Security covers Defender deployment and tuning.
Would you like to know about upcoming sessions ?
Would you like to schedule this Windows 10/11 Workstation Security Training Couse on a specific date ? Contact us by email or by filling out the contact form.