Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello
Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)

  • Section 1: Getting Started
  • Section 2: Applying Security and Hardening
  • Section 3: Protecting, Detecting, and Responding for Windows Environments

Advanced protection with VBS

First available in Windows 10 and Windows Server 2016, virtualization-based security (VBS) leverages physical hardware components and a Hyper-V hypervisor to create isolation, or virtual secure mode, for user and kernel operations. For a system to be considered VBS-capable, it needs to meet the following minimum hardware requirements:

  • TPM 2.0
  • UEFI Secure Boot enabled
  • Intel VT-x or AMD-V
  • Input/output memory management unit (IOMMU): Intel VT-d or AMD-Vi
  • SLAT for virtual address translation
  • Windows Hardware Lab Kit (HLK) System Certified
  • Device Servicing Program (Drivers and Firmware on Windows Update service)

For more detailed information about the hardware requirements for VBS, visit this link:

https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-vbs
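
The requirements listed above can be checked on a running machine. The following script is an added example, not code from the book; it assumes an elevated Windows PowerShell session and uses only the built-in `Win32_DeviceGuard` and `Win32_Tpm` CIM classes and the `Confirm-SecureBootUEFI` cmdlet.

```powershell
# Added example: maps the locally verifiable VBS requirements to checks.
# Assumption: elevated session on Windows 10 / Windows Server 2016 or later.
# SLAT, HLK certification and the device servicing program are not covered here.

$dg  = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                       -ClassName Win32_DeviceGuard
$tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                       -ClassName Win32_Tpm -ErrorAction SilentlyContinue

# SpecVersion looks like "2.0, 0, 1.38"; the first field is the TPM family.
$tpmSpec = if ($tpm) { ($tpm.SpecVersion -split ',')[0].Trim() } else { 'none' }

# Confirm-SecureBootUEFI throws on legacy BIOS systems, so treat errors as "off".
try   { $secureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop) }
catch { $secureBoot = $false }

# AvailableSecurityProperties codes: 1 = hypervisor support, 2 = Secure Boot,
# 3 = DMA protection (IOMMU).
$available = @($dg.AvailableSecurityProperties)

$report = [ordered]@{
    'TPM 2.0'                           = ($tpmSpec -eq '2.0')
    'UEFI Secure Boot enabled'          = $secureBoot
    'Hypervisor support (VT-x / AMD-V)' = ($available -contains 1)
    'DMA protection via IOMMU'          = ($available -contains 3)
}

# VirtualizationBasedSecurityStatus: current state of VBS itself.
$vbsState = @{
    0 = 'Not enabled'
    1 = 'Enabled, not running'
    2 = 'Enabled and running'
}

$report.GetEnumerator() | ForEach-Object {
    $result = if ($_.Value) { 'OK' } else { 'MISSING' }
    '{0,-36} {1}' -f $_.Key, $result
}
"VBS status: $($vbsState[[int]$dg.VirtualizationBasedSecurityStatus])"
```

A row marked `MISSING` usually points to a firmware setting (virtualization extensions, IOMMU or Secure Boot disabled in UEFI) rather than absent hardware, so check the firmware configuration before ruling a device out.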

VBS leverages hypervisors in order to create an isolated virtual secure mode to define virtual trust levels. The main hypervisor runs all the normal user mode operations,...