We should reiterate the relevance of what has been learned in this chapter by understanding that an attack chain of events can be prevented and disrupted through a zero-trust and defense-in-depth approach. We covered various aspects of hardware security and OS security, particularly Windows 11 security. We concluded the chapter with a section on user identity security, where we looked at Windows Hello for Business and Microsoft Defender Credential Guard.
By implementing these measures and adopting security posture management, we can make an attacker consider an easier attack elsewhere that offers the least resistance by putting multiple obstacles in the attacker’s way and increasing their attack costs.
In the next chapter, we will cover advanced topics of configuration for use cases in the enterprise.