Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.

Related Content you might be interested in

Current Title:

Small book image
Mastering Windows Security and Hardening
Mark Dunkerley | Matt Tumbarello
Jul, 2020 | 572 pages
Small book image
Mastering Microsoft Endpoint Manager
Per Larsen | Christiaan Brinkhoff
Oct, 2021 | 666 pages
Small book image
Windows 10 for Enterprise Administrators
Jeff Stokes | Manuel Singer | Richard Diver
Sep, 2017 | 314 pages
Small book image
Microsoft 365 Mobility and Security – Exam Guide MS-101
Nate Chamberlain
Nov, 2019 | 312 pages
Table of Contents (19 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Code in Action
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: Getting Started
Section 1: Getting Started
Free Chapter
2
Chapter 1: Fundamentals of Windows Security
Chapter 1: Fundamentals of Windows Security
Understanding the security transformation
Living in today's digital world
Today's threats
Identifying vulnerabilities
Recognizing breaches
Current security challenges
Implementing a Zero Trust approach
Summary
3
Chapter 2: Building a Baseline
Chapter 2: Building a Baseline
Introduction to baselining
Policies, standards, procedures, and guidelines
Incorporating change management
Implementing a security framework
Building baseline controls
Implementing a baseline
Incorporating best practices
Summary
4
Chapter 3: Server Infrastructure Management
Chapter 3: Server Infrastructure Management
Technical requirements
Overview of the data center and the cloud
Implementing access management in Windows servers
Understanding Windows Server management tools
Using Azure services to manage Windows servers
Summary
5
Chapter 4: End User Device Management
Chapter 4: End User Device Management
Technical requirements
Device management evolution
Device Imaging and Windows Autopilot
Microsoft Endpoint Configuration Manager
Intune Mobile Device Management (MDM)
Introducing Microsoft Endpoint Manager
Summary
6
Section 2: Applying Security and Hardening
Section 2: Applying Security and Hardening
7
Chapter 5: Hardware and Virtualization
Chapter 5: Hardware and Virtualization
Technical requirements
Physical servers and virtualization
Introduction to hardware certification
BIOS and UEFI, TPM 2.0, and Secure Boot
Advanced protection with VBS
Hardware security recommendations and best practices
Summary
8
Chapter 6: Network Fundamentals for Hardening Windows
Chapter 6: Network Fundamentals for Hardening Windows
Technical requirements
Network security fundamentals
Understanding Windows Network Security
Windows Defender Firewall and Advanced Security
Introducing Azure network security
Summary
9
Chapter 7: Identity and Access Management
Chapter 7: Identity and Access Management
Technical requirements
Identity and access management overview
Implementing account and access management
Understanding authentication, MFA, and going passwordless
Using Conditional Access and Identity Protection
Summary
10
Chapter 8: Administration and Remote Management
Chapter 8: Administration and Remote Management
Technical requirements
Understanding device administration
Enforcing policies with MDM
Building security baselines
Connecting securely to servers remotely
Introducing PowerShell security
Summary
11
Chapter 9: Keeping Your Windows Client Secure
Chapter 9: Keeping Your Windows Client Secure
Technical requirements
Securing your Windows clients
Introducing Windows Update for Business
Advanced Windows hardening configurations
Windows 10 privacy
Summary
12
Chapter 10: Keeping Your Windows Server Secure
Chapter 10: Keeping Your Windows Server Secure
Technical requirements
Windows Server versions
Installing Windows Server roles and features
Configuring Windows updates
Connecting to Microsoft Defender ATP
Hardening Windows Server
Deploying Windows Defender Application Control
Summary
13
Section 3: Protecting, Detecting, and Responding for Windows Environments
Section 3: Protecting, Detecting, and Responding for Windows Environments
14
Chapter 11: Security Monitoring and Reporting
Chapter 11: Security Monitoring and Reporting
Technical requirements
Monitoring with MDATP
Deploying Log Analytics
Monitoring with Azure Monitor and activity logs
Configuring ASC
Creating performance baselines
Summary
15
Chapter 12: Security Operations
Chapter 12: Security Operations
Technical requirements
Introducing the SOC
Using the M365 security portal
Using MCAS
Configuring Azure ATP
Investigating threats with Azure Security Center
Introducing Azure Sentinel
Microsoft Defender Security Center
Planning for business continuity and DR
Summary
16
Chapter 13: Testing and Auditing
Chapter 13: Testing and Auditing
Technical requirements
Validating controls
Vulnerability scanning
Planning for penetration testing
Security awareness and training
Summary
17
Chapter 14: Top 10 Recommendations and the Future
Chapter 14: Top 10 Recommendations and the Future
The 10 most important to-dos
The future of device security and management
Security and the future
Summary
18
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Understanding the security transformation

Over the years, security has evolved from being just a shared role or a role that didn't even exist within a business. Today, well-defined teams and organizational structures do actually exist or are being created to focus solely on security. Not only are these teams maturing constantly, but the Chief Information Security Officer (CISO) has become a person of significant importance who may report directly to a Chief Executive Officer (CEO) within an organization and not the CIO.

Over the years, many roles that never existed before have begun to appear within the security world, and new skill sets are always in demand. As an overview, the following is a list of some of the more common security roles that you can expect to see within a security program: 

  • CISO/CSO (Chief Information Security Officer/Chief Security Officer)
  • IT Security Director
  • IT Security Manager
  • Security Architect/Engineer
  • Security Analyst
  • Security/Compliance Officer
  • Security Administrator
  • Security Engineer
  • Software/Application Security Developer
  • Software/Application Security Engineer
  • Cryptographer/Cryptologist
  • Security Consultant/Specialist
  • Network Security Engineer
  • Cloud Security Architect

One thing to point out, in regard to these roles, is the major shortage of the cybersecurity workforce throughout the world. A cybersecurity workforce study by (ISC)² shows that a worldwide growth of 145% is needed to meet the demand for cyber experts. In the US, this number needs to grow by 62%. These numbers clearly show the demand for skilled cybersecurity experts along with opportunities for growth. The challenge with this growth is that new positions are continuously being created as new skills are needed, which makes it difficult to find well-seasoned talent (read more about the (ISC)² 2019 Cybersecurity Workforce Study here: https://www.isc2.org/Research/Workforce-Study).

One of the primary factors for the growing need of security experts correlates to the advancement of the PC (or personal computer) and its evolution throughout the years. The PC has changed the way we connect. And, with this evolution comes the supporting infrastructure, which has evolved into many data centers seen throughout the world.

As we are all aware, Windows has been the victim of numerous vulnerabilities over the years and continues to be a victim even today. The initial idea behind the Windows Operating System (OS) was a strong focus on usability and productivity. As a result of its success and adoption across the globe, it became a common target for exploits. This, in turn, created many gaps in the security of Windows that have traditionally been filled by many other companies. A good example is a need for third-party AV software. As the world has turned more toward digitization over the years, and the adoption of Windows usage has continued to grow, so has the need for improved security along with dedicated roles within this area. Protecting Windows has not been an easy task, and it continues to be an ongoing challenge.

Previous Section
End of Section 2
Next Section