Course Grade Received: A
Windows System Management & Security
This course focused on Windows system administration and enterprise security, emphasizing the configuration, management, and protection of Windows client and server environments. Students gained hands-on experience with Active Directory, Group Policy, and core network services such as DNS and DHCP. The course also explored system hardening, malware mitigation, auditing, and secure virtualization within Windows-based infrastructures.
Course Objectives
- Install, configure, and manage Windows Server environments
- Design and administer Active Directory domains and services
- Implement Group Policy for system security and configuration management
- Configure essential network services (DNS, DHCP, file and storage systems)
- Perform system auditing and analyze security logs
- Mitigate malware threats and secure Windows systems
- Implement authentication mechanisms and access control strategies
- Design and apply Public Key Infrastructure (PKI) concepts
- Secure remote access and enterprise network environments
- Ensure system reliability, availability, and performance
🔹 Key Skills & Topics
🪟 Windows Administration
- Windows Server installation & configuration
- Active Directory (AD DS)
- Group Policy Objects (GPOs)
- User & access management
🌐 Networking & Infrastructure
- DNS & DHCP configuration
- File, storage, and service management
- Network security fundamentals
- Remote access configuration
🔐 Security & Defense
- System hardening (Windows environments)
- Malware detection & mitigation
- Security auditing & log analysis
- Authentication & authorization models
- PKI fundamentals
☁️ Virtualization & Enterprise Systems
- Virtual machine deployment
- Secure virtualization practices
- Enterprise system management
Course Material
🛡️ Ransomware Mitigation Strategies for Windows Systems (CYSE 280)
Technologies & Frameworks: Windows Server 2016/2019/2022, Windows Defender, WSUS, AppLocker, GPOs, NIST CSF, 3-2-1 Backup Strategy
This research paper examines ransomware mitigation strategies for Windows servers and endpoints, using the BlackByte (2024) and WannaCry (2017) attacks as case studies. It analyzes the ransomware lifecycle, evaluates technical countermeasures, and provides actionable recommendations grounded in NIST’s Cybersecurity Framework and industry best practices.
🔍 Project Highlights
- Analyzed two real-world ransomware case studies — WannaCry (2017) and BlackByte (2024) — identifying attack vectors, tools, and outcomes
- Applied the NIST CSF five-function model (Identify, Protect, Detect, Respond, Recover) to structure a comprehensive mitigation framework
- Evaluated Windows-native security tools including Defender, AppLocker, WSUS, GPOs, and Event Logs
- Developed a comparison table of tools, functionality, mitigation impact, and implementation complexity
- Proposed 12 actionable recommendations covering backups, EDR solutions, network segmentation, authentication, and employee training
- Created custom flowcharts illustrating ransomware detection, response, and recovery phases
🔐 Security Concepts Applied
- Ransomware lifecycle analysis (infection, propagation, execution, impact, recovery)
- Crypto vs. Locker ransomware differentiation
- EternalBlue SMB exploit and MS17-010 patch management
- 3-2-1 backup strategy and immutable/air-gapped storage
- Endpoint Detection and Response (EDR) implementation
- Phishing simulation and human factors integration
- RaaS (Ransomware-as-a-Service) threat modeling
🧠 What This Paper Demonstrates
This paper demonstrates the ability to conduct applied cybersecurity research at a professional level — analyzing real-world attack scenarios, evaluating technical defense frameworks, and translating NIST standards into practical, organization-ready recommendations for Windows environments.
CYSE-280-Final-Research-Paper-FD-submission