Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
Section 1: Getting Started
Section 2: Applying Security and Hardening
Section 3: Protecting, Detecting, and Responding for Windows Environments

Understanding the security transformation

Over the years, security has evolved from being just a shared role or a role that didn't even exist within a business. Today, well-defined teams and organizational structures do actually exist or are being created to focus solely on security. Not only are these teams maturing constantly, but the Chief Information Security Officer (CISO) has become a person of significant importance who may report directly to a Chief Executive Officer (CEO) within an organization and not the CIO.

Over the years, many roles that never existed before have begun to appear within the security world, and new skill sets are always in demand. As an overview, the following is a list of some of the more common security roles that you can expect to see within a security program: 

  • CISO/CSO (Chief Information Security Officer/Chief Security Officer)
  • IT Security Director
  • IT Security Manager
  • Security Architect/Engineer
  • Security Analyst
  • Security/Compliance Officer
  • Security Administrator
  • Security Engineer
  • Software/Application Security Developer
  • Software/Application Security Engineer
  • Cryptographer/Cryptologist
  • Security Consultant/Specialist
  • Network Security Engineer
  • Cloud Security Architect

One thing to point out, in regard to these roles, is the major shortage of the cybersecurity workforce throughout the world. A cybersecurity workforce study by (ISC)² shows that a worldwide growth of 145% is needed to meet the demand for cyber experts. In the US, this number needs to grow by 62%. These numbers clearly show the demand for skilled cybersecurity experts along with opportunities for growth. The challenge with this growth is that new positions are continuously being created as new skills are needed, which makes it difficult to find well-seasoned talent (read more about the (ISC)² 2019 Cybersecurity Workforce Study here:

One of the primary factors for the growing need of security experts correlates to the advancement of the PC (or personal computer) and its evolution throughout the years. The PC has changed the way we connect. And, with this evolution comes the supporting infrastructure, which has evolved into many data centers seen throughout the world.

As we are all aware, Windows has been the victim of numerous vulnerabilities over the years and continues to be a victim even today. The initial idea behind the Windows Operating System (OS) was a strong focus on usability and productivity. As a result of its success and adoption across the globe, it became a common target for exploits. This, in turn, created many gaps in the security of Windows that have traditionally been filled by many other companies. A good example is a need for third-party AV software. As the world has turned more toward digitization over the years, and the adoption of Windows usage has continued to grow, so has the need for improved security along with dedicated roles within this area. Protecting Windows has not been an easy task, and it continues to be an ongoing challenge.