Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
1
Section 1: Getting Started
6
Section 2: Applying Security and Hardening
13
Section 3: Protecting, Detecting, and Responding for Windows Environments

Connecting to Microsoft Defender ATP

Microsoft Defender ATP was initially designed to support the Windows 10 OS, but now has extended support to include versions of Windows server. This includes servers that use Windows Defender Antivirus, as well as System Center Endpoint Protection. The following servers support onboarding to the Microsoft Defender ATP service:

  • Windows Server 2008 R2 SP1
  • Windows Server 2012 R2
  • Windows Server 2016
  • Windows Server, version 1803
  • Windows Server 2019

The official Microsoft documentation for Microsoft Defender ATP, including an overview of its features, can be found at this link:

https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-advanced-threat-protection

There are two methods supported that allow you to onboard Windows Server 2016 and lower. You can automatically onboard with Azure Security Center (ASC) using an Azure VM extension or deploy and configure the...