Windows Server 2016 provides tools for administrators to armor-plate server systems to protect data, ensure stability, avoid malware and guard against credential theft. BitLocker and EFS protect data at rest with robust and manageable encryption as well as platform validation. In this course, Windows Server 2016 Security Hardening, you'll discover how to harden your security so that it's orders of magnitude more secure than the default configuration. First, you'll discover how to encrypt server volumes and folders so only legitimate users have access. Next, you'll explore how to build a Windows update architecture that keeps servers properly patched at all times. Then, you'll learn how to stop password theft with Credential Guard and Virtualization Based Security. Finally, you'll get organized about security hardening with free baselines, templates, and tools. By the end of this course, you'll know how to set up BitLocker and EFS, automate update distribution with WSUS, restrict software with digital signatures and code integrity policies, protect Kerberos tickets and password hashes, and incorporate security best practices from Microsoft after tailoring them for your own organization.