Mastering Windows Security and Hardening
eBook - ePub

Mastering Windows Security and Hardening

Secure and protect your Windows environment from intruders, malware attacks, and other cyber threats

Mark Dunkerley, Matt Tumbarello

  1. 572 pages
  2. English
  3. ePUB (available on the app)
  4. Available on iOS and Android

About the book

Enhance Windows security and protect your systems and servers from various cyber attacks

Key Features

  • Protect your device using a zero-trust approach and advanced security techniques
  • Implement efficient security measures using Microsoft Intune, Configuration Manager, and Azure solutions
  • Understand how to create cyber-threat defense solutions effectively

Book Description

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users?

Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions.

We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you'll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations.

By the end of this book, you'll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.

What you will learn

  • Understand baselining and learn the best practices for building a baseline
  • Get to grips with identity management and access management on Windows-based systems
  • Delve into the device administration and remote management of Windows-based systems
  • Explore security tips to harden your Windows server and keep clients secure
  • Audit, assess, and test to ensure controls are successfully applied and enforced
  • Monitor and report activities to stay on top of vulnerabilities

Who this book is for

This book is for system administrators, cybersecurity and technology professionals, solutions architects, or anyone interested in learning how to secure their Windows-based systems. A basic understanding of Windows security concepts, Intune, Configuration Manager, Windows PowerShell, and Microsoft Azure will help you get the best out of this book.

Information

Year: 2020
ISBN: 9781839214288
Edition: 1

Section 1: Getting Started

This section will provide you with an overview of security fundamentals and the importance of building a baseline. It will also provide information on infrastructure models, and talk about end user computing evolutions and the solutions we can use to manage them.
This section includes the following chapters:
  • Chapter 1, Fundamentals of Windows Security
  • Chapter 2, Building a Baseline
  • Chapter 3, Server Infrastructure Management
  • Chapter 4, End User Device Management

Chapter 1: Fundamentals of Windows Security

Nowadays, cybersecurity has become a hot topic throughout the world, even more so with leadership teams and board members of many major organizations asking the question: are we secure? The short answer is no: no one is secure in today's digital world, and there has never been a more critical time to ensure that you are doing everything within your power to protect your organization and its users.
As we continue to receive daily news of breaches throughout the world, it is clear how severe the issue of cybercrime has become. To put it bluntly, we simply need to do a better job of protecting the data that we collect and manage within our organizations today. This isn't an easy task, especially with the advancement of organized cyber and state-sponsored groups with budgets, most likely, far exceeding that of most organizations. As security professionals, we need to do our due diligence and ensure we identify all risks within the organization. Once identified, they will need to be addressed or accepted as a risk by leadership.
As a consumer, it is most likely that your data has already been breached, and there's a chance your account information and passwords are sitting on the dark web somewhere. We need to work with the assumption that our personal data has already been breached and build better barriers around our data and account information. For example, in the U.S., purchasing identity protection as a service to monitor your identity can serve as an insurance policy if you incur any damages. In addition to this, the ability to place your credit reports on hold to prevent bad actors from opening accounts under your name is another example of a defensive approach that you can take to protect your personal identity.
As the cybersecurity workforce continues to evolve and strengthen with more and more talented individuals, we want to help contribute to the importance of securing our data, and we hope this book provides you with the necessary knowledge to do the right thing for your organization. As you read this book, you will not only learn the technical aspects of securing Windows, but you will also learn what else is necessary to ensure the protection of Windows and the users that use it. Protecting Windows has become a lot more than making a few simple configuration changes and installing an antivirus (AV) tool. There is an entire ecosystem of controls, tools, and technology to help protect your Windows systems and users.
As you read through this chapter, you will learn about the broader fundamentals of security and the principles behind the foundation that is needed to protect your Windows environment. Specifically, you will learn about the following:
  • An overview of the security transformation within the industry
  • A look at security trends as they relate to today's digital world
  • A review of the current threat landscape and common vulnerabilities
  • An overview of some recent publicly known breaches
  • An overview of the current security challenges faced today
  • What Zero Trust security is, and why we need to adopt this approach moving forward

Understanding the security transformation

Over the years, security has evolved from being just a shared role or a role that didn't even exist within a business. Today, well-defined teams and organizational structures do actually exist or are being created to focus solely on security. Not only are these teams maturing constantly, but the Chief Information Security Officer (CISO) has become a person of significant importance who may report directly to a Chief Executive Officer (CEO) within an organization and not the CIO.
Over the years, many roles that never existed before have begun to appear within the security world, and new skill sets are always in demand. As an overview, the following is a list of some of the more common security roles that you can expect to see within a security program:
  • CISO/CSO (Chief Information Security Officer/Chief Security Officer)
  • IT Security Director
  • IT Security Manager
  • Security Architect/Engineer
  • Security Analyst
  • Security/Compliance Officer
  • Security Administrator
  • Security Engineer
  • Software/Application Security Developer
  • Software/Application Security Engineer
  • Cryptographer/Cryptologist
  • Security Consultant/Specialist
  • Network Security Engineer
  • Cloud Security Architect
One thing to point out, in regard to these roles, is the major shortage of the cybersecurity workforce throughout the world. A cybersecurity workforce study by (ISC)² shows that a worldwide growth of 145% is needed to meet the demand for cyber experts. In the US, this number needs to grow by 62%. These numbers clearly show the demand for skilled cybersecurity experts along with opportunities for growth. The challenge with this growth is that new positions are continuously being created as new skills are needed, which makes it difficult to find well-seasoned talent (read more about the (ISC)² 2019 Cybersecurity Workforce Study here: https://www.isc2.org/Research/Workforce-Study).
One of the primary factors behind the growing need for security experts is the advancement of the PC (or personal computer) and its evolution throughout the years. The PC has changed the way we connect, and with this evolution comes the supporting infrastructure, which has evolved into the many data centers seen throughout the world.
As we are all aware, Windows has been the victim of numerous vulnerabilities over the years and continues to be a victim even today. The initial idea behind the Windows Operating System (OS) was a strong focus on usability and productivity. As a result of its success and adoption across the globe, it became a common target for exploits. This, in turn, created many gaps in the security of Windows that have traditionally been filled by many other companies. A good example is a need for third-party AV software. As the world has turned more toward digitization over the years, and the adoption of Windows usage has continued to grow, so has the need for improved security along with dedicated roles within this area. Protecting Windows has not been an easy task, and it continues to be an ongoing challenge.

Living in today's digital world

Today, we are more reliant on technology than ever and live in a world where businesses cannot survive without it. As our younger generations grow up, there is greater demand for the use of advanced technology. One scary thought is how fast the world has grown within the previous 100 years compared to the overall history of mankind. Technology continues to push the boundaries of innovation, and a significant portion of that change must include the securing of this technology, especially since the world has become a more connected place with the advancement of the internet.
To give you a rough idea of technology usage today, let's take a look at the current desktop usage throughout the world. For these statistics, we will reference an online service, called Statcounter GlobalStats: https://gs.statcounter.com/. This dataset is not all-inclusive, but there is a very large sampling of data used to give us a good idea of worldwide usage. Statcounter GlobalStats collects its data through web analytics via tracking code on over 2 million websites globally. The aggregation of this data equates to more than 10 billion page views per month. The following screenshot shows the OS market share that is in use worldwide. More information from Statcounter can be viewed at https://gs.statcounter.com/os-market-share/desktop/worldwide:
Figure 1.1 – Statcounter Desktop Operating System Market Share Worldwide
As you can see, the Windows desktop market is more widely adopted than any other OS available today. Seemingly, Windows has always had negative connotations because of its ongoing vulnerabilities in comparison to other OSes. Part of this is due to how widely used Windows actually is. A hacker isn't going to waste their time on an OS that isn't widely adopted. We can assume there would be a direct correlation between OS adoption rates and avai...
