Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
Section 1: Getting Started
Section 2: Applying Security and Hardening
Section 3: Protecting, Detecting, and Responding for Windows Environments

Hardening Windows Server

Ensuring your Windows servers are properly hardened is critical to maintaining a good security posture and minimizing the attack surface. A best practice for Windows server is to only enable the roles and services required to perform necessary functions and to lock down the network to only allow the required ports and sources to communicate. Next, we will look at implementing a security baseline. We will cover how to implement the Microsoft Security and Compliance toolkit recommended baseline for member servers, discuss network access controls and the various logon types used to access servers, configure inactivity timeouts for interactive sessions, and configure account lockout policies. Finally, we will discuss implementing a fine-grained password policy in order to enforce strict requirements to highly privileged accounts and securing the logon process before learning about how to use Azure Disk Encryption to encrypt data on VMs that live in Azure.