Book Image

Windows Server Security Essentials

Book Image

Windows Server Security Essentials

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Windows Server Security Essentials
Feb, 2015 | 240 pages
No titles found
Table of Contents (16 chapters)
Getting Started with Windows Server Security
Getting Started with Windows Server Security
Credits
Credits
About the Author
About the Author
Acknowledgments
Acknowledgments
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Operating System and Baseline Security
Operating System and Baseline Security
Microsoft Windows Server
Baseline and security
Summary
2
Native MS Security Tools and Configuration
Native MS Security Tools and Configuration
Microsoft SCM
Administering Microsoft SCM
Creating and implementing security policies
Exporting GPO from Active Directory
Importing GPO into SCM
Merging imported GPO with the SCM baseline policy
Exporting the SCM baseline policy
Importing a policy into Active Directory
Maintaining and monitoring the integrity of a baseline policy
Application control and management
Summary
3
Server Roles and Protocols
Server Roles and Protocols
Server types and roles
Managing servers using Server Manager
Server Message Block
Summary
4
Application Security
Application Security
File or data server
Print server
Hyper-V servers
Internet Information Services
Summary
5
Network Service Security
Network Service Security
Baseline policies
Dynamic Host Configuration Protocol
Service accounts
Enhanced Mitigation Experience Toolkit
Summary
6
Access Control
Access Control
Dynamic Access Control
Summary
7
Patch Management
Patch Management
Microsoft Windows Server Update Services
Summary
8
Auditing and Monitoring
Auditing and Monitoring
Auditing
Monitoring
Summary
Index
Index

Maintaining and monitoring the integrity of a baseline policy

Once you have baseline security in place, whether it is a true business policy or a combination of business and industry practices, you will need to maintain this state to ensure the security and integrity. The whole idea is to compare your baseline image with the current image in order to validate the settings. There are many ways to achieve this. Microsoft has a free tool called Attack Surface Analyzer (ASA) that can be used to compare the two states of the system. The details and capabilities of this tool can found at http://www.microsoft.com/en-us/download/details.aspx?id=24487.

Microsoft ASA

An administrator can perform the following steps to install, configure, and generate an Attack Surface Report using Microsoft ASA:

  1. Download Attack Surface Analyzer from http://www.microsoft.com/en-us/download/details.aspx?id=24487.

  2. Complete the installation. It is a standalone, simple MSI installation process.

  3. Open the Attack Surface Analyzer...

Previous Section
End of Section 10
Next Section