Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
1
Section 1: Getting Started
6
Section 2: Applying Security and Hardening
13
Section 3: Protecting, Detecting, and Responding for Windows Environments

Summary

In this chapter, we have covered validating controls within your environment. This includes looking at both internal auditing as well as external auditing. We then reviewed what SOC is and the different types, before reviewing the importance of vendor assessments as part of your vendor onboarding process. Next, we reviewed the Microsoft Service Trust portal, which is a place to view all of Microsoft's audits and assessments. We then finished the section with an overview of the regulatory compliance center within Azure Security Center.

In the next section, we covered vulnerability scanning, which included a detailed review of what scanning and assessments are and how Security Center can help with running assessments. We then reviewed penetration testing and remediation, which involved reviewing the different types of penetration tests, the process to execute, the importance of remediation, and an overview of the rules of engagement that Microsoft has published. In the...