Mastering Windows Security and Hardening

(ebook) (audiobook) (audiobook)

Autorzy:: Mark Dunkerley, Matt Tumbarello

Mastering Windows Security and Hardening Mark Dunkerley, Matt Tumbarello - okładka książki

Mastering Windows Security and Hardening Mark Dunkerley, Matt Tumbarello - okładka audiobooka MP3

Mastering Windows Security and Hardening Mark Dunkerley, Matt Tumbarello - okładka audiobooks CD

Wydawnictwo:: Packt Publishing (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 572
Dostępne formaty::      PDF

     ePub

     Mobi

Ebook

139,00 zł

Dodaj do koszyka lub Kup na prezent Kup 1-kliknięciem

Przenieś na półkę

Do przechowalni

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users?

Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions.

We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you'll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations.

By the end of this book, you'll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.

Wybrane bestsellery

Ebooka przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Audiobooka posłuchasz:

w aplikacji Ebookpoint na Android, iOS, HarmonyOs
na systemach Windows, MacOS i innych

na dowolonych urządzeniach
i aplikacjach obsługujących format MP3
(pliki spakowane w ZIP)

Masz pytania? Zajrzyj do zakładki Pomoc »

Kurs Video zobaczysz:

Oceny i opinie klientów: Mastering Windows Security and Hardening Mark Dunkerley, Matt Tumbarello (0) Weryfikacja opinii następuję na podstawie historii zamówień na koncie Użytkownika umieszczającego opinię. Użytkownik mógł otrzymać punkty za opublikowanie opinii uprawniające do uzyskania rabatu w ramach Programu Punktowego.

Szczegóły książki

Tytuł oryginału:: Mastering Windows Security and Hardening
ISBN Ebooka:: 978-18-392-1428-8, 9781839214288
Data wydania ebooka:: 2020-07-08 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@helion.pl.
Język publikacji:: angielski
Rozmiar pliku Pdf:: 27.4MB
Rozmiar pliku ePub:: 39.5MB
Rozmiar pliku Mobi:: 77.7MB

Kategorie:
Systemy operacyjne » Windows Server

Spis treści książki

Mastering Windows Security and Hardening
Why subscribe?
Contributors
About the authors
About the reviewer
Packt is searching for authors like you
Preface
- Who this book is for
- What this book covers
- To get the most out of this book
- Code in Action
- Download the color images
- Conventions used
- Get in touch
- Reviews
Section 1: Getting Started
Chapter 1: Fundamentals of Windows Security
- Understanding the security transformation
- Living in todays digital world
- Today's threats
- Identifying vulnerabilities
- Recognizing breaches
- Current security challenges
- Implementing a Zero Trust approach
- Summary
Chapter 2: Building a Baseline
- Introduction to baselining
- Policies, standards, procedures, and guidelines
  - Defining policies
  - Setting standards
  - Creating procedures
  - Recommending guidelines
- Incorporating change management
- Implementing a security framework
- Building baseline controls
  - CIS
  - Windows security baselines
- Implementing a baseline
  - CIS
  - Microsoft SCT
- Incorporating best practices
- Summary
Chapter 3: Server Infrastructure Management
- Technical requirements
- Overview of the data center and the cloud
  - Types of data center
    - On-premise
    - Cloud
    - Hybrid
- Implementing access management in Windows servers
  - Physical and user access security
  - Privileged Access Management, Just-in-Time Access, and Privileged Identity Management
  - Using a tiered model for privileged access
    - Tier 0
    - Tier 1
    - Tier 2
    - Important considerations
  - Enhanced security administrative environment
  - Access management best practices
- Understanding Windows Server management tools
  - Introducing Server Manager
    - Using the Best Practices Analyzer (BPA)
  - Looking at Event Viewer
  - Using Windows Server Update Services
  - Introducing Windows Admin Center
- Using Azure services to manage Windows servers
  - The Azure portal and Marketplace
    - Using the Azure Marketplace
  - Implementing role-based access control
  - Azure Resource Manager
  - Understanding Azure Backup
    - Securing Azure Backup
  - Introducing Azure Update Management
  - Leveraging Azure Site Recovery
- Summary
Chapter 4: End User Device Management
- Technical requirements
- Device management evolution
- Device Imaging and Windows Autopilot
  - Windows Assessment and Deployment Kit (Windows ADK)
  - Windows Configuration Designer
  - Microsoft Deployment Toolkit
  - Windows Deployment Services
  - MDT and Configuration Manager
  - Windows Autopilot
- Microsoft Endpoint Configuration Manager
  - Securely deploying clients for Configuration Manager
  - Client collections, settings, and communications
    - Client settings
    - Client communication
- Intune Mobile Device Management (MDM)
  - Configuration Service Provider
  - Mobile Device Management versus Mobile Application Management
  - Windows enrollment methods
- Introducing Microsoft Endpoint Manager
- Summary
Section 2: Applying Security and Hardening
Chapter 5: Hardware and Virtualization
- Technical requirements
- Physical servers and virtualization
  - Microsoft virtualization
    - Hyper-V
    - Azure virtual machines
    - Windows Virtual Desktop
  - Hardware security concerns
  - Virtualization security concerns
  - Cloud hardware and virtualization
- Introduction to hardware certification
- BIOS and UEFI, TPM 2.0, and Secure Boot
  - Unified Extensible Firmware Interface
  - UEFI Secure Boot
  - Trusted Platform Module (TPM 2.0)
- Advanced protection with VBS
  - Credential Guard
    - Enabling Credential Guard with MDM (Intune)
    - Enabling Credential Guard with Group Policy
  - Device Guard
    - Enabling Device Guard and Windows Defender Application Control with Group Policy
  - Windows Defender Application Guard
  - Hypervisor-Protected Code Integrity
    - Enabling HVCI
  - Windows Defender System Guard
- Hardware security recommendations and best practices
- Summary
Chapter 6: Network Fundamentals for Hardening Windows
- Technical requirements
- Network security fundamentals
- Understanding Windows Network Security
  - Network baselining
  - Windows 10
    - Wireless Local Area Network (WLAN)/Wi-Fi
    - Bluetooth
    - Virtual Private Networks (VPNs)
  - Windows Server
    - Local Area Network (LAN)/Ethernet
    - Server roles and features
  - Networking and Hyper-V
  - Network troubleshooting
- Windows Defender Firewall and Advanced Security
  - Configuring a firewall rule with Group Policy
  - Windows Defender Exploit Guard Network Protection
    - Configuring Windows Defender Exploit Guard Network Protection using Group Policy
- Introducing Azure network security
  - Network Security Groups (NSGs)
    - Service tags
    - Application Security Groups (ASGs)
    - Creating a network security group in Azure
- Summary
Chapter 7: Identity and Access Management
- Technical requirements
- Identity and access management overview
  - Identity
  - Authentication
  - Authorization
  - Accountability
- Implementing account and access management
  - HR and identity management
  - Integrating directory services
  - Using local administrative accounts
  - Managing Azure external user access (B2B)
  - Understanding the Azure cloud administrative roles
    - The Office 365 admin and Azure AD roles
    - Using Intune roles
    - Security and compliance admins
  - Implementing PAM security tools (PAM, PIM, and JIT)
    - Using PAM
    - Connecting with JIT access
    - Enabling admins with Azure AD PIM
  - Using Azure RBAC
- Understanding authentication, MFA, and going passwordless
  - Securing your passwords
  - Introducing SSPR
    - Implementing SSPR for Windows 10 login
  - Using Azure AD Seamless SSO
  - Configuring Azure SSO
  - Configuring MFA
  - Introducing Windows Hello
  - Understanding going passwordless
- Using Conditional Access and Identity Protection
- Summary
Chapter 8: Administration and Remote Management
- Technical requirements
- Understanding device administration
  - Differences between domain join, hybrid, and Azure AD joined devices
- Enforcing policies with MDM
  - Creating compliance settings with Configuration Manager
    - Introduction to Configuration Items
    - Creating a Configuration Item
    - Building a Configuration Baseline
    - Reporting on a Configuration Baseline
    - Assigning Endpoint Protection
  - Creating Policies with Intune
    - Configuring a device compliance policy
    - Configuring a device configuration profile
    - Deploying PowerShell scripts
    - Using Administrative Templates
    - Enforcing Intune security baselines
- Building security baselines
  - Using the Microsoft Security Compliance Toolkit
    - Comparing policies with Policy Analyzer
    - Creating a GPO from the baseline recommendation
  - Creating a Configuration Baseline from a GPO
- Connecting securely to servers remotely
  - Remote management and support tools
  - Using Azure Security Center Just-in-Time access
  - Connecting with Azure Bastion
- Introducing PowerShell security
  - Configuring PowerShell logging
  - Using PowerShell Constrained Language Mode
  - Enabling script execution
- Summary
Chapter 9: Keeping Your Windows Client Secure
- Technical requirements
- Securing your Windows clients
- Introducing Windows Update for Business
  - Configuring Windows updates in Intune
    - Managing update deployments
    - Monitoring update deployments
- Advanced Windows hardening configurations
  - Enabling Windows Hello for Business
  - Managing BitLocker encryption
  - Configuring Windows Defender AV
  - Enabling Microsoft Defender SmartScreen
  - Preventing name resolution poisoning
    - Link-Local Multicast Name Resolution
    - NetBIOS Name Service (NBT-NS)
    - Disabling Google Chrome mDNS
  - Disabling the Web Proxy Autodiscovery Protocol (WPAD)
  - Configuring Office security baselines
    - Deploying user-based office policies
  - Hardening Google Chrome
    - Whitelisting extensions
  - Preventing user access to the registry
  - Windows Defender Application Control
    - Considerations for WDAC or AppLocker
- Windows 10 privacy
  - Controlling the privacy settings for each app
  - Additional privacy settings
  - Privacy settings for Microsoft Edge
- Summary
Chapter 10: Keeping Your Windows Server Secure
- Technical requirements
- Windows Server versions
- Installing Windows Server roles and features
  - Reducing the Windows Server footprint
  - Installing Nano Server 2019
- Configuring Windows updates
  - Implementing Windows Server Update Services (WSUS)
  - Deploying Azure Update Management
- Connecting to Microsoft Defender ATP
  - Onboarding with Group Policy
  - Onboarding with Configuration Manager
- Hardening Windows Server
  - Implementing a security baseline
    - Controlling User Rights Assignment
    - Configuring Accounts settings
    - Configuring Interactive Logon
    - Setting Remote Desktop Protocol session time limits
    - Configuring account policies
    - Implementing fine-grained password policies
    - Securing the logon process
  - Using Azure Disk Encryption
    - Creating an Azure Key Vault
    - Creating a key encryption key (KEK)
    - Enabling Azure Disk Encryption on a virtual machine
- Deploying Windows Defender Application Control
- Summary
Section 3: Protecting, Detecting, and Responding for Windows Environments
Chapter 11: Security Monitoring and Reporting
- Technical requirements
- Monitoring with MDATP
  - Investigating an alert
    - The Threat analytics dashboard
    - The Threat & Vulnerability Management dashboard
    - Machine health and compliance
    - Software inventory report
  - Onboarding workstations to the MDATP service
  - Enabling the Microsoft Intune connection
  - Creating a machine risk compliance policy
  - Enabling advanced features
- Deploying Log Analytics
  - Installing gallery solutions
    - Update Compliance for Windows 10
    - Deploying ChangeTracking
    - Using ServiceMap
    - Using Wire Data 2.0
- Monitoring with Azure Monitor and activity logs
  - Secure access to Azure Monitor
  - Monitoring Azure activity logs
- Configuring ASC
- Creating performance baselines
- Summary
Chapter 12: Security Operations
- Technical requirements
- Introducing the SOC
- Using the M365 security portal
  - Understanding Microsoft Secure Score
  - Classifying your data
    - DLP
    - AIP
    - WIP
- Using MCAS
  - Reviewing the activity log
  - Looking at a users activity
- Configuring Azure ATP
  - Planning for Azure ATP
  - Activating your instance
  - Understanding the kill chain
  - Looking at alerts
- Investigating threats with Azure Security Center
- Introducing Azure Sentinel
  - Creating the connection
- Microsoft Defender Security Center
  - Assigning permissions and machine groups
  - Reviewing the alerts queue
  - Automated Investigations
- Planning for business continuity and DR
- Summary
Chapter 13: Testing and Auditing
- Technical requirements
- Validating controls
- Vulnerability scanning
  - Preparing for a vulnerability scan
- Planning for penetration testing
  - Executing a penetration test
  - Reviewing the findings
- Security awareness and training
- Summary
Chapter 14: Top 10 Recommendations and the Future
- The 10 most important to-dos
  - Implementing identity protection and privileged access
  - Enact a Zero Trust access model
  - Define a security framework
  - Get current and stay current
  - Make use of modern management tools
  - Certify your physical hardware devices
  - Administer network security
  - Always encrypt your devices
  - Enable endpoint protection
  - Deploy security monitoring solutions
  - Other important items
    - Stay educated
    - Validate controls
    - Application controls
    - Security baselines and hardening
    - Business continuity and disaster recovery
- The future of device security and management
- Security and the future
- Summary
Other Books You May Enjoy
- Leave a review - let other readers know what you think

pokaż cały spis treści