Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
1
Section 1: Getting Started
6
Section 2: Applying Security and Hardening
13
Section 3: Protecting, Detecting, and Responding for Windows Environments

Summary

In this chapter, we covered monitoring with MDATP. We learned how to investigate an alert and reviewed the threat analytics, Threat & Vulnerability Management, and machine health and compliance dashboards. We covered how to onboard Windows 10 endpoints and create a machine risk compliance policy in Intune from the MDATP Intune connector. Next, we learned how to use Azure Log Analytics. We covered installing gallery solutions, such as ServiceMap and Wire Data 2.0, which help to quantify the data being captured with charts and visuals. We also provided an overview of Azure Monitor, including using Azure activity logs to audit operations taken on your resources.

In the next section, we discussed ASC and provided the steps to enable advanced features and to onboard machines. Finally, we discussed the importance of capturing performance baselines in addition to building security baselines. Now that we have learned how to configure telemetry to capture performance and security...