Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.

Preface

Who this book is for

What this book covers

To get the most out of this book

Code in Action

Download the color images

Conventions used

Get in touch

Reviews

Section 1: Getting Started

Free Chapter

Chapter 1: Fundamentals of Windows Security

Understanding the security transformation

Living in today's digital world

Today's threats

Identifying vulnerabilities

Recognizing breaches

Current security challenges

Implementing a Zero Trust approach

Summary

Chapter 2: Building a Baseline

Introduction to baselining

Policies, standards, procedures, and guidelines

Incorporating change management

Implementing a security framework

Building baseline controls

Implementing a baseline

Incorporating best practices

Summary

Chapter 3: Server Infrastructure Management

Technical requirements

Overview of the data center and the cloud

Implementing access management in Windows servers

Understanding Windows Server management tools

Using Azure services to manage Windows servers

Summary

Chapter 4: End User Device Management

Technical requirements

Device management evolution

Device Imaging and Windows Autopilot

Microsoft Endpoint Configuration Manager

Intune Mobile Device Management (MDM)

Introducing Microsoft Endpoint Manager

Summary

Section 2: Applying Security and Hardening

Chapter 5: Hardware and Virtualization

Technical requirements

Physical servers and virtualization

Introduction to hardware certification

BIOS and UEFI, TPM 2.0, and Secure Boot

Advanced protection with VBS

Hardware security recommendations and best practices

Summary

Chapter 6: Network Fundamentals for Hardening Windows

Technical requirements

Network security fundamentals

Understanding Windows Network Security

Windows Defender Firewall and Advanced Security

Introducing Azure network security

Summary

Chapter 7: Identity and Access Management

Technical requirements

Identity and access management overview

Implementing account and access management

Understanding authentication, MFA, and going passwordless

Using Conditional Access and Identity Protection

Summary

Chapter 8: Administration and Remote Management

Technical requirements

Understanding device administration

Enforcing policies with MDM

Building security baselines

Connecting securely to servers remotely

Introducing PowerShell security

Summary

Chapter 9: Keeping Your Windows Client Secure

Technical requirements

Securing your Windows clients

Introducing Windows Update for Business

Advanced Windows hardening configurations

Windows 10 privacy

Summary

Chapter 10: Keeping Your Windows Server Secure

Technical requirements

Windows Server versions

Installing Windows Server roles and features

Configuring Windows updates

Connecting to Microsoft Defender ATP

Hardening Windows Server

Deploying Windows Defender Application Control

Summary

Section 3: Protecting, Detecting, and Responding for Windows Environments

Chapter 11: Security Monitoring and Reporting

Technical requirements

Monitoring with MDATP

Deploying Log Analytics

Monitoring with Azure Monitor and activity logs

Configuring ASC

Creating performance baselines

Summary

Chapter 12: Security Operations

Technical requirements

Introducing the SOC

Using the M365 security portal

Using MCAS

Configuring Azure ATP

Investigating threats with Azure Security Center

Introducing Azure Sentinel

Microsoft Defender Security Center

Planning for business continuity and DR

Summary

Chapter 13: Testing and Auditing

Technical requirements

Validating controls

Vulnerability scanning

Planning for penetration testing

Security awareness and training

Summary

Chapter 14: Top 10 Recommendations and the Future

The 10 most important to-dos

The future of device security and management

Security and the future

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Summary

In this chapter, we covered, at a high level, what you can expect to read throughout this book. We provided an overview of the security in an enterprise and briefly covered the different roles that you can expect to see within security departments. Next, we looked at how security relates to the digital world and how relevant it's become as the world becomes more digital. We also looked at the usage of the Windows OS throughout the world to better understand the adoption by users.

We then reviewed the current threat landscape and the types of cyber threat sources. We moved on to provide an overview of the threats we typically see in an enterprise today. We then provided details on where you can go to learn and view all of the recent Microsoft vulnerabilities with correlating patches and instructions on how to keep your devices up to date. In addition to Microsoft's vulnerability resources, we provided additional insight into where the patches get their naming standards via CVE along with NVD, which is provided by NIST. Next, we looked at some of the biggest breaches that have occurred to date and provided some popular sources to keep you up to date with the latest cyber news. We finished the chapter with an insight into some of today's general security challenges and, more specifically, those with Windows systems, before closing with an overview of Zero Trust security and what it entails.

In the next chapter, we will review building a baseline. The chapter will review what a baseline is, and then go into detail as to why a baseline must be formed. As part of the baseline, you need to ensure your policies, standards, and procedures are in place, that they are well-defined, and that they are signed off by the leadership and all the stakeholders who are liable for protecting the data. Having these documented is important for security reasons as well as for compliance and auditing purposes. Following this, we will briefly cover change management and its importance as it relates to baselining. We will then review frameworks and what they entail before moving on to some common frameworks that should be referenced to build your baseline. We will finish the chapter with a review of baseline controls and how to implement them before providing the best practices around baselining.

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Related Content you might be interested in

Current Title:

Mastering Windows Security and Hardening

Mastering Microsoft Endpoint Manager

Windows 10 for Enterprise Administrators

Microsoft 365 Mobility and Security ‚Äö√Ñ√¨ Exam Guide MS-101

Summary