Book Image

Windows Server Security Essentials

Book Image

Windows Server Security Essentials

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Windows Server Security Essentials
Feb, 2015 | 240 pages
No titles found
Table of Contents (16 chapters)
Getting Started with Windows Server Security
Getting Started with Windows Server Security
Credits
Credits
About the Author
About the Author
Acknowledgments
Acknowledgments
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Operating System and Baseline Security
Operating System and Baseline Security
Microsoft Windows Server
Baseline and security
Summary
2
Native MS Security Tools and Configuration
Native MS Security Tools and Configuration
Microsoft SCM
Administering Microsoft SCM
Creating and implementing security policies
Exporting GPO from Active Directory
Importing GPO into SCM
Merging imported GPO with the SCM baseline policy
Exporting the SCM baseline policy
Importing a policy into Active Directory
Maintaining and monitoring the integrity of a baseline policy
Application control and management
Summary
3
Server Roles and Protocols
Server Roles and Protocols
Server types and roles
Managing servers using Server Manager
Server Message Block
Summary
4
Application Security
Application Security
File or data server
Print server
Hyper-V servers
Internet Information Services
Summary
5
Network Service Security
Network Service Security
Baseline policies
Dynamic Host Configuration Protocol
Service accounts
Enhanced Mitigation Experience Toolkit
Summary
6
Access Control
Access Control
Dynamic Access Control
Summary
7
Patch Management
Patch Management
Microsoft Windows Server Update Services
Summary
8
Auditing and Monitoring
Auditing and Monitoring
Auditing
Monitoring
Summary
Index
Index

Enhanced Mitigation Experience Toolkit

Even though the best practice is to run minimal server roles and third-party applications on a server, sometimes it is required to run some non-Microsoft, non-recommended, and legacy services on an enterprise server. This may be due to some of the business and technical policies in your organization. This brings another type of threat to your organization. Microsoft has a free tool called Enhanced Mitigation Experience Toolkit (EMET), which can provide another layer of protection for your system and applications. EMET provides multiple mitigation technologies such as:

  • Structured Exception Handler Overwrite Protection (SEHOP)

  • Data Execution Prevention (DEP)

  • Mandatory Address Space Layout Randomization (ASLR)

  • Certificate Trust (Pinning)

The details of these technologies can be found at http://blogs.technet.com/b/srd/archive/2009/02/02/preventing-the-exploitation-of-seh-overwrites-with-sehop.aspx and http://blogs.technet.com/b/srd/archive/2013/05/08/emet-4...

Previous Section
End of Section 5
Next Section