Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Mastering Windows Security and Hardening
  • Toc
  • feedback
Mastering Windows Security and Hardening

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
4.6 (8)
close
Mastering Windows Security and Hardening

Mastering Windows Security and Hardening

4.6 (8)
By: Mark Dunkerley, Matt Tumbarello

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
close
close
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Code in Action
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: Getting Started
Section 1: Getting Started
Free Chapter
2
Chapter 1: Fundamentals of Windows Security
Chapter 1: Fundamentals of Windows Security
Understanding the security transformation
Living in today's digital world
Today's threats
Identifying vulnerabilities
Recognizing breaches
Current security challenges
Implementing a Zero Trust approach
Summary
3
Chapter 2: Building a Baseline
Chapter 2: Building a Baseline
Introduction to baselining
Policies, standards, procedures, and guidelines
Incorporating change management
Implementing a security framework
Building baseline controls
Implementing a baseline
Incorporating best practices
Summary
4
Chapter 3: Server Infrastructure Management
Chapter 3: Server Infrastructure Management
Technical requirements
Overview of the data center and the cloud
Implementing access management in Windows servers
Understanding Windows Server management tools
Using Azure services to manage Windows servers
Summary
5
Chapter 4: End User Device Management
Chapter 4: End User Device Management
Technical requirements
Device management evolution
Device Imaging and Windows Autopilot
Microsoft Endpoint Configuration Manager
Intune Mobile Device Management (MDM)
Introducing Microsoft Endpoint Manager
Summary
6
Section 2: Applying Security and Hardening
Section 2: Applying Security and Hardening
7
Chapter 5: Hardware and Virtualization
Chapter 5: Hardware and Virtualization
Technical requirements
Physical servers and virtualization
Introduction to hardware certification
BIOS and UEFI, TPM 2.0, and Secure Boot
Advanced protection with VBS
Hardware security recommendations and best practices
Summary
8
Chapter 6: Network Fundamentals for Hardening Windows
Chapter 6: Network Fundamentals for Hardening Windows
Technical requirements
Network security fundamentals
Understanding Windows Network Security
Windows Defender Firewall and Advanced Security
Introducing Azure network security
Summary
9
Chapter 7: Identity and Access Management
Chapter 7: Identity and Access Management
Technical requirements
Identity and access management overview
Implementing account and access management
Understanding authentication, MFA, and going passwordless
Using Conditional Access and Identity Protection
Summary
10
Chapter 8: Administration and Remote Management
chevron up
Chapter 8: Administration and Remote Management
Technical requirements
Understanding device administration
Enforcing policies with MDM
Building security baselines
Connecting securely to servers remotely
Introducing PowerShell security
Summary
11
Chapter 9: Keeping Your Windows Client Secure
Chapter 9: Keeping Your Windows Client Secure
Technical requirements
Securing your Windows clients
Introducing Windows Update for Business
Advanced Windows hardening configurations
Windows 10 privacy
Summary
12
Chapter 10: Keeping Your Windows Server Secure
Chapter 10: Keeping Your Windows Server Secure
Technical requirements
Windows Server versions
Installing Windows Server roles and features
Configuring Windows updates
Connecting to Microsoft Defender ATP
Hardening Windows Server
Deploying Windows Defender Application Control
Summary
13
Section 3: Protecting, Detecting, and Responding for Windows Environments
Section 3: Protecting, Detecting, and Responding for Windows Environments
14
Chapter 11: Security Monitoring and Reporting
Chapter 11: Security Monitoring and Reporting
Technical requirements
Monitoring with MDATP
Deploying Log Analytics
Monitoring with Azure Monitor and activity logs
Configuring ASC
Creating performance baselines
Summary
15
Chapter 12: Security Operations
Chapter 12: Security Operations
Technical requirements
Introducing the SOC
Using the M365 security portal
Using MCAS
Configuring Azure ATP
Investigating threats with Azure Security Center
Introducing Azure Sentinel
Microsoft Defender Security Center
Planning for business continuity and DR
Summary
16
Chapter 13: Testing and Auditing
Chapter 13: Testing and Auditing
Technical requirements
Validating controls
Vulnerability scanning
Planning for penetration testing
Security awareness and training
Summary
17
Chapter 14: Top 10 Recommendations and the Future
Chapter 14: Top 10 Recommendations and the Future
The 10 most important to-dos
The future of device security and management
Security and the future
Summary
18
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Introducing PowerShell security

PowerShell has become one of the most popular tools in the sysadmin's toolbox in recent years. Its uses range from the ability to batch processes and build tools to automating repeatable tasks. There are many importable modules that allow interaction with a range of services such as Azure AD and Exchange Online. As a result, PowerShell can be exploited as an attack tool due to this flexibility. It has close interaction with various OS system-level components, such as Windows Management Instrumentation (WMI), and can avoid detection as it's a commonly used process. Out of the box, there are limited security measures enabled for PowerShell, so let's discuss what we can do to help secure its use.

Configuring PowerShell logging

There are a few types of logging that can be enabled for PowerShell to start logging events for auditing purposes. Some of the logging options include the following:

  • PowerShell Transcription allows Windows...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 7
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete