Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
Section 1: Getting Started
Section 2: Applying Security and Hardening
Section 3: Protecting, Detecting, and Responding for Windows Environments

Enforcing policies with MDM

When a device becomes fully Azure AD joined, it opens new opportunities to layer and enforce security policies. Unlike domain-joined or hybrid-joined devices, a fully Azure AD joined device is not part of an on-premises domain, it never connects to a domain controller, and it does not receive Group Policy. Many organizations have years worth of GPOs that they rely on to harden their Windows systems and the question now becomes how to move and enforce these policies with MDM. The answer is to use Configuration Manager, Intune, or a combination of the two with co-management. Unfortunately, there is no clear lift-and-shift path, and part of the challenge is the auditing and evaluation of what currently exists.

In this section, we are going to learn about creating and enforcing policies with MDM. We will walk through how to build, assign, and enforce compliance settings such as configuration items and configuration baselines in Configuration Manager and how...