Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering Windows Security and Hardening
  • Table Of Contents Toc
  • Feedback & Rating feedback
Mastering Windows Security and Hardening

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
4.6 (8)
Buy this Book
close
close
Mastering Windows Security and Hardening

Mastering Windows Security and Hardening

4.6 (8)
By: Mark Dunkerley, Matt Tumbarello
Buy this Book

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Code in Action
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Reviews
1
Section 1: Getting Started
Icon
Section 1: Getting Started
Lock Free Chapter
2
Chapter 1: Fundamentals of Windows Security
Icon
Chapter 1: Fundamentals of Windows Security
Icon
Understanding the security transformation
Icon
Living in today's digital world
Icon
Today's threats
Icon
Identifying vulnerabilities
Icon
Recognizing breaches
Icon
Current security challenges
Icon
Implementing a Zero Trust approach
Icon
Summary
3
Chapter 2: Building a Baseline
Icon
Chapter 2: Building a Baseline
Icon
Introduction to baselining
Icon
Policies, standards, procedures, and guidelines
Icon
Incorporating change management
Icon
Implementing a security framework
Icon
Building baseline controls
Icon
Implementing a baseline
Icon
Incorporating best practices
Icon
Summary
4
Chapter 3: Server Infrastructure Management
Icon
Chapter 3: Server Infrastructure Management
Icon
Technical requirements
Icon
Overview of the data center and the cloud
Icon
Implementing access management in Windows servers
Icon
Understanding Windows Server management tools
Icon
Using Azure services to manage Windows servers
Icon
Summary
5
Chapter 4: End User Device Management
Icon
Chapter 4: End User Device Management
Icon
Technical requirements
Icon
Device management evolution
Icon
Device Imaging and Windows Autopilot
Icon
Microsoft Endpoint Configuration Manager
Icon
Intune Mobile Device Management (MDM)
Icon
Introducing Microsoft Endpoint Manager
Icon
Summary
6
Section 2: Applying Security and Hardening
Icon
Section 2: Applying Security and Hardening
7
Chapter 5: Hardware and Virtualization
chevron up
Icon
Chapter 5: Hardware and Virtualization
Icon
Technical requirements
Icon
Physical servers and virtualization
Icon
Introduction to hardware certification
Icon
BIOS and UEFI, TPM 2.0, and Secure Boot
Icon
Advanced protection with VBS
Icon
Hardware security recommendations and best practices
Icon
Summary
8
Chapter 6: Network Fundamentals for Hardening Windows
Icon
Chapter 6: Network Fundamentals for Hardening Windows
Icon
Technical requirements
Icon
Network security fundamentals
Icon
Understanding Windows Network Security
Icon
Windows Defender Firewall and Advanced Security
Icon
Introducing Azure network security
Icon
Summary
9
Chapter 7: Identity and Access Management
Icon
Chapter 7: Identity and Access Management
Icon
Technical requirements
Icon
Identity and access management overview
Icon
Implementing account and access management
Icon
Understanding authentication, MFA, and going passwordless
Icon
Using Conditional Access and Identity Protection
Icon
Summary
10
Chapter 8: Administration and Remote Management
Icon
Chapter 8: Administration and Remote Management
Icon
Technical requirements
Icon
Understanding device administration
Icon
Enforcing policies with MDM
Icon
Building security baselines
Icon
Connecting securely to servers remotely
Icon
Introducing PowerShell security
Icon
Summary
11
Chapter 9: Keeping Your Windows Client Secure
Icon
Chapter 9: Keeping Your Windows Client Secure
Icon
Technical requirements
Icon
Securing your Windows clients
Icon
Introducing Windows Update for Business
Icon
Advanced Windows hardening configurations
Icon
Windows 10 privacy
Icon
Summary
12
Chapter 10: Keeping Your Windows Server Secure
Icon
Chapter 10: Keeping Your Windows Server Secure
Icon
Technical requirements
Icon
Windows Server versions
Icon
Installing Windows Server roles and features
Icon
Configuring Windows updates
Icon
Connecting to Microsoft Defender ATP
Icon
Hardening Windows Server
Icon
Deploying Windows Defender Application Control
Icon
Summary
13
Section 3: Protecting, Detecting, and Responding for Windows Environments
Icon
Section 3: Protecting, Detecting, and Responding for Windows Environments
14
Chapter 11: Security Monitoring and Reporting
Icon
Chapter 11: Security Monitoring and Reporting
Icon
Technical requirements
Icon
Monitoring with MDATP
Icon
Deploying Log Analytics
Icon
Monitoring with Azure Monitor and activity logs
Icon
Configuring ASC
Icon
Creating performance baselines
Icon
Summary
15
Chapter 12: Security Operations
Icon
Chapter 12: Security Operations
Icon
Technical requirements
Icon
Introducing the SOC
Icon
Using the M365 security portal
Icon
Using MCAS
Icon
Configuring Azure ATP
Icon
Investigating threats with Azure Security Center
Icon
Introducing Azure Sentinel
Icon
Microsoft Defender Security Center
Icon
Planning for business continuity and DR
Icon
Summary
16
Chapter 13: Testing and Auditing
Icon
Chapter 13: Testing and Auditing
Icon
Technical requirements
Icon
Validating controls
Icon
Vulnerability scanning
Icon
Planning for penetration testing
Icon
Security awareness and training
Icon
Summary
17
Chapter 14: Top 10 Recommendations and the Future
Icon
Chapter 14: Top 10 Recommendations and the Future
Icon
The 10 most important to-dos
Icon
The future of device security and management
Icon
Security and the future
Icon
Summary
18
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Summary

In this chapter, we provided an overview of the hardware-based security features used to protect Windows from the boot chain, the OS layer, and for virtualization of the OS. We covered hardware concerns in terms of vulnerabilities such as rootkits and bootkits and the importance of the supply chain to ensure your organization purchases hardware that has been properly certified. Next, we covered BIOS, Secure Boot, and TPM and how these hardware components are the framework for hardware backed VBS. We talked about the latest advanced protection features using VBS such as Credential Guard, Device Guard, Windows Defender Application Control, and Hypervisor-Protected Code Integrity, as well as how to enable them using MDM or through Group Policy.

Finally, we finished by discussing how System Guard uses dynamic root of trust measurements and remote attestation to help protect your systems from the boot process into runtime.

In the next chapter, we will discuss networking and...

Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Mastering Windows Security and Hardening
End of Chapter 7
Next Chapter
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon