Book Image

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
Book Image

Mastering Windows Security and Hardening

By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
1
Section 1: Getting Started
6
Section 2: Applying Security and Hardening
13
Section 3: Protecting, Detecting, and Responding for Windows Environments

Technical requirements

In order to complete the exercises in this chapter, we recommend the following requirements. For Windows Defender Exploit Guard Network Protection, the minimum requirements are as follows:

  • A Windows 2016 Active Directory domain with Group Policy
  • Domain Admin rights or equal permissions to create Group Policy objects for the scoped OU of the target systems
  • A Windows 10 Pro or Enterprise workstation domain-joined and/or Intune enrolled

To complete the Azure Security Center just-in-time exercise and Azure Bastion, you will need the following minimum requirements:

  • An Azure tenant with a virtual network, subnet, and resource group
  • An available IP range inside your virtual network that can accommodate a /27 CIDR
  • A Windows 10 or Server 1909 data center virtual machine with a public IP
  • Azure Security Center Standard (or a free 30-day trial)