Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)

Section 1: Getting Started
Section 2: Applying Security and Hardening
Section 3: Protecting, Detecting, and Responding for Windows Environments

Deploying Windows Defender Application Control

WDAC adheres to a zero-trust model and only allows whitelisted, digitally signed software to run on Windows systems. WDAC uses a Configurable Code Integrity (CCI) policy as the whitelist configuration. When WDAC is combined with virtualization-based security hypervisor isolation and UEFI Secure Boot, the technologies are collectively known as Device Guard. Windows Defender Application Control can be managed with Group Policy, Configuration Manager, and Intune, and can be configured with PowerShell. In the Audit-only enforcement mode, WDAC logs events to Event Viewer so that they can be analyzed before the policy is enforced on endpoints.
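The audit-first workflow described above, as an added PowerShell example that is not taken from the book: it builds a policy from a reference folder, confirms audit mode is set, and summarizes what the policy would have blocked. The paths are assumptions; event ID 3076 and the event data field names come from Microsoft's WDAC documentation, not from this page.

```powershell
#Requires -RunAsAdministrator
# Added example. All paths below are assumed values; adjust for your environment.
$ScanPath  = 'C:\Program Files'          # assumed reference folder of trusted software
$PolicyXml = 'C:\WDAC\AuditPolicy.xml'   # assumed working location
$PolicyBin = 'C:\WDAC\AuditPolicy.bin'

New-Item -ItemType Directory -Path (Split-Path $PolicyXml) -Force | Out-Null

# Build allow rules from a known-good reference machine:
# trust by publisher certificate, fall back to file hash for unsigned files.
New-CIPolicy -FilePath $PolicyXml -ScanPath $ScanPath `
             -Level Publisher -Fallback Hash -UserPEs

# Rule option 3 is "Enabled:Audit Mode": log what would be blocked, block nothing.
Set-RuleOption -FilePath $PolicyXml -Option 3

# Refuse to continue unless the policy really is in audit mode.
[xml]$policy = Get-Content -Path $PolicyXml
if ($policy.SiPolicy.Rules.Rule.Option -notcontains 'Enabled:Audit Mode') {
    throw 'Policy is not in audit mode; do not deploy it to endpoints yet.'
}

# Convert to the binary form that is distributed to endpoints
# (through Group Policy, Configuration Manager, or Intune).
ConvertFrom-CIPolicy -XmlFilePath $PolicyXml -BinaryFilePath $PolicyBin

# After the audit policy has been active for a while, review the audit events.
# Event ID 3076 = "would have been blocked if the policy were enforced".
$filter = @{ LogName = 'Microsoft-Windows-CodeIntegrity/Operational'; Id = 3076 }
Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    ForEach-Object {
        # Flatten the named EventData fields into a lookup table.
        $fields = @{}
        foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) {
            $fields[$d.Name] = $d.'#text'
        }
        [pscustomobject]@{
            Time    = $_.TimeCreated
            File    = $fields['File Name']
            Process = $fields['Process Name']
        }
    } |
    Group-Object -Property File |
    Sort-Object -Property Count -Descending |
    Select-Object -Property Count, Name
```

Files that appear repeatedly in this summary are candidates for additional allow rules before option 3 is removed and the policy is enforced.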

Tip

It's extremely important to understand the effects of deploying a WDAC policy in your environment. We strongly encourage you to read the Microsoft Policy Design guide and build a strategy that fits your environment's needs before deploying a policy. Information about designing a policy can be found at this link...