eBook - ePub

Microsoft Windows Security Essentials

Name: Microsoft Windows Security Essentials
Author: Darril Gibson

Darril Gibson

Share book

English
ePUB (mobile friendly)
Available on iOS & Android

eBook - ePub

Microsoft Windows Security Essentials

Darril Gibson

Book details

Book preview

Table of contents

Citations

About This Book

Windows security concepts and technologies for IT beginners

IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built.

This straightforward guide begins each chapter by laying out a list of topics to be discussed, followed by a concise discussion of the core networking skills you need to have to gain a strong handle on the subject matter. Chapters conclude with review questions and suggested labs so you can measure your level of understanding of the chapter's content.

Serves as an ideal resource for gaining a solid understanding of fundamental security concepts and skills
Offers a straightforward and direct approach to security basics and covers anti-malware software products, firewalls, network topologies and devices, network ports, and more
Reviews all the topics you need to know for taking the MTA 98-367 exam
Provides an overview of security components, looks at securing access with permissions, addresses audit policies and network auditing, and examines protecting clients and servers

If you're new to IT and interested in entering the IT workforce, then Microsoft Windows Security Essentials is essential reading.

Frequently asked questions

How do I cancel my subscription?

Simply head over to the account section in settings and click on “Cancel Subscription” - it’s as simple as that. After you cancel, your membership will stay active for the remainder of the time you’ve paid for. Learn more here.

Can/how do I download books?

At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.

What is the difference between the pricing plans?

Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.

What is Perlego?

We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.

Do you support text-to-speech?

Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.

Is Microsoft Windows Security Essentials an online PDF/ePUB?

Yes, you can access Microsoft Windows Security Essentials by Darril Gibson in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.

Information

Publisher

Sybex

Year

2011

ISBN

9781118114575

Edition

Topic

Computer Science

Subtopic

Cyber Security

Index

Computer Science

Chapter 1
Understanding Core Security Principles

Every computer presents a certain level of risk. You can’t eliminate risk unless you simply never turn on the computer. However, you can manage risk. You start by understanding what risk is and understanding that risk mitigation is accomplished by reducing vulnerabilities.

Several core security principles guide the protection of information technology (IT) systems and data. When you understand these core security principles, it’s easier to grasp the reasoning behind many of the security practices.

Most security principles can be traced back to the security triad (also called the AIC or CIA triad). The security triad mandates protection against the loss of confidentiality, the loss of integrity, and the loss of availability of IT systems and data. Other principles include defense-in-depth and the principle of least privilege. Administrators harden, or secure, IT systems by attempting to configure them more securely than the default configuration and reduce vulnerabilities. This chapter covers all of these topics in the following sections:

Understanding risk
Exploring the security triad
Implementing a defense-in-depth security strategy
Enforcing the principle of least privilege
Hardening a server

Understanding Risk

Risk is unavoidable. You can’t eliminate it. However, it’s possible to minimize risk by first understanding it and then taking steps to mitigate it.

Minimizing risk is also known as risk mitigation.

For example, every time you step into a street, you run the risk of being hit by a car. The real threat of a car colliding with your body, and your body’s vulnerability to this collision, convinces you to take steps to reduce the risk. Unless you’re Superman, you can’t stop the threat. If the car is coming, it’s coming. But you can minimize the risk by using crosswalks and looking for approaching cars before stepping into the street.

Similarly, risks are reduced in IT networks by taking steps to reduce the vulnerabilities. Consider Figure 1-1. Risk occurs when threats exploit vulnerabilities. In an IT environment, threats are any events that can result in the loss of confidentiality, integrity, or availability of IT systems or data. Threats can be man-made or natural.

The next section explains the concepts of confidentiality, integrity, and availability in more depth.

f0101.eps — **Figure 1-1:** Threats exploit vulnerabilities, creating risk.

NIST’s Definition of Risk

The National Institute of Standards and Technology (NIST) is a U.S. agency that includes the Information Technology Laboratory (ITL). The ITL regularly conducts research and publishes papers on behalf of NIST.

Much of NIST’s research focuses on what the U.S. government can do to improve security for its IT systems and data. However, these papers are publically available, and many non-government organizations adopt the techniques and methodologies.

NIST’s Special Publication 800-30 (SP 800-30) is titled “Risk Management Guide for Information Technology Systems.” The definition of risk in SP 800-30 is as follows: “Risk is a function of the likelihood of a given threat-source’s exercising a particular potential vulnerability, and the resulting impact of that adverse event on the organization.” Although you don’t need to memorize this quote, it’s worth noting that it does add more depth than just Risk occurs when a threat exploits a vulnerability.

Risk management is a complex topic that includes multiple facets. At this stage of your study, you don’t need to master all the different topics of risk management, but you should be aware that much more detail is available. If the topic appeals to you, you can use the Microsoft Technology Associate Security Fundamentals certification as a springboard to more advanced security certifications such as ISC(2)s Certified Information Systems Security Professional (CISSP) certification.

Man-made threats are any threats from people. These can be intentional threats such as attacks or malware distribution. Intentional threats can also include the access, modification, or deletion of data. Other threats include theft, fire, and vandalism. Man-made threats can also be unintentional, such as the accidental deletion of data. Natural threats include weather events such as hurricanes, floods, tornadoes, and lightning. Environmental threats include long-term power failures or the inadvertent release of hazardous chemicals.

An important point to keep in mind is that you can’t stop threats. If someone wants to write malicious software, you can’t prevent it. If Mother Nature wants to create a tornado, it’s coming. However, you can reduce risks by reducing vulnerabilities.

Vulnerabilities are weaknesses. These can be inherent weaknesses in your software or hardware, such as bugs in the code or faulty power supplies. They can be weaknesses in procedures that allow users to give up valuable data to social engineers. They can be weaknesses in security configurations, such as when unneeded services or protocols are left running on a system. They can be weaknesses in physical security that allow unauthorized personnel access to servers or network devices.

Reducing vulnerabilities is the core of risk management in an IT environment. Every step you take to reduce weaknesses reduces your risks. The following list identifies some common techniques you can use to reduce weaknesses. Don’t worry if you don’t understand them all right now—they’re covered in more depth th...