Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Mastering Windows Security and Hardening
  • Table Of Contents Toc
  • Feedback & Rating feedback
Mastering Windows Security and Hardening

Mastering Windows Security and Hardening

By : Mark Dunkerley, Matt Tumbarello
4.6 (8)
Buy this Book
close
close
Mastering Windows Security and Hardening

Mastering Windows Security and Hardening

4.6 (8)
By: Mark Dunkerley, Matt Tumbarello
Buy this Book

Overview of this book

Are you looking for effective ways to protect Windows-based systems from being compromised by unauthorized users? Mastering Windows Security and Hardening is a detailed guide that helps you gain expertise when implementing efficient security measures and creating robust defense solutions. We will begin with an introduction to Windows security fundamentals, baselining, and the importance of building a baseline for an organization. As you advance, you will learn how to effectively secure and harden your Windows-based system, protect identities, and even manage access. In the concluding chapters, the book will take you through testing, monitoring, and security operations. In addition to this, you’ll be equipped with the tools you need to ensure compliance and continuous monitoring through security operations. By the end of this book, you’ll have developed a full understanding of the processes and tools involved in securing and hardening your Windows environment.
Table of Contents (19 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Code in Action
Icon
Download the color images
Icon
Conventions used
Icon
Get in touch
Icon
Reviews
1
Section 1: Getting Started
Icon
Section 1: Getting Started
Free Chapter
2
Chapter 1: Fundamentals of Windows Security
Icon
Chapter 1: Fundamentals of Windows Security
Icon
Understanding the security transformation
Icon
Living in today's digital world
Icon
Today's threats
Icon
Identifying vulnerabilities
Icon
Recognizing breaches
Icon
Current security challenges
Icon
Implementing a Zero Trust approach
Icon
Summary
3
Chapter 2: Building a Baseline
Icon
Chapter 2: Building a Baseline
Icon
Introduction to baselining
Icon
Policies, standards, procedures, and guidelines
Icon
Incorporating change management
Icon
Implementing a security framework
Icon
Building baseline controls
Icon
Implementing a baseline
Icon
Incorporating best practices
Icon
Summary
4
Chapter 3: Server Infrastructure Management
Icon
Chapter 3: Server Infrastructure Management
Icon
Technical requirements
Icon
Overview of the data center and the cloud
Icon
Implementing access management in Windows servers
Icon
Understanding Windows Server management tools
Icon
Using Azure services to manage Windows servers
Icon
Summary
5
Chapter 4: End User Device Management
Icon
Chapter 4: End User Device Management
Icon
Technical requirements
Icon
Device management evolution
Icon
Device Imaging and Windows Autopilot
Icon
Microsoft Endpoint Configuration Manager
Icon
Intune Mobile Device Management (MDM)
Icon
Introducing Microsoft Endpoint Manager
Icon
Summary
6
Section 2: Applying Security and Hardening
Icon
Section 2: Applying Security and Hardening
7
Chapter 5: Hardware and Virtualization
Icon
Chapter 5: Hardware and Virtualization
Icon
Technical requirements
Icon
Physical servers and virtualization
Icon
Introduction to hardware certification
Icon
BIOS and UEFI, TPM 2.0, and Secure Boot
Icon
Advanced protection with VBS
Icon
Hardware security recommendations and best practices
Icon
Summary
8
Chapter 6: Network Fundamentals for Hardening Windows
Icon
Chapter 6: Network Fundamentals for Hardening Windows
Icon
Technical requirements
Icon
Network security fundamentals
Icon
Understanding Windows Network Security
Icon
Windows Defender Firewall and Advanced Security
Icon
Introducing Azure network security
Icon
Summary
9
Chapter 7: Identity and Access Management
Icon
Chapter 7: Identity and Access Management
Icon
Technical requirements
Icon
Identity and access management overview
Icon
Implementing account and access management
Icon
Understanding authentication, MFA, and going passwordless
Icon
Using Conditional Access and Identity Protection
Icon
Summary
10
Chapter 8: Administration and Remote Management
Icon
Chapter 8: Administration and Remote Management
Icon
Technical requirements
Icon
Understanding device administration
Icon
Enforcing policies with MDM
Icon
Building security baselines
Icon
Connecting securely to servers remotely
Icon
Introducing PowerShell security
Icon
Summary
11
Chapter 9: Keeping Your Windows Client Secure
Icon
Chapter 9: Keeping Your Windows Client Secure
Icon
Technical requirements
Icon
Securing your Windows clients
Icon
Introducing Windows Update for Business
Icon
Advanced Windows hardening configurations
Icon
Windows 10 privacy
Icon
Summary
12
Chapter 10: Keeping Your Windows Server Secure
Icon
Chapter 10: Keeping Your Windows Server Secure
Icon
Technical requirements
Icon
Windows Server versions
Icon
Installing Windows Server roles and features
Icon
Configuring Windows updates
Icon
Connecting to Microsoft Defender ATP
Icon
Hardening Windows Server
Icon
Deploying Windows Defender Application Control
Icon
Summary
13
Section 3: Protecting, Detecting, and Responding for Windows Environments
Icon
Section 3: Protecting, Detecting, and Responding for Windows Environments
14
Chapter 11: Security Monitoring and Reporting
Icon
Chapter 11: Security Monitoring and Reporting
Icon
Technical requirements
Icon
Monitoring with MDATP
Icon
Deploying Log Analytics
Icon
Monitoring with Azure Monitor and activity logs
Icon
Configuring ASC
Icon
Creating performance baselines
Icon
Summary
15
Chapter 12: Security Operations
chevron up
Icon
Chapter 12: Security Operations
Icon
Technical requirements
Icon
Introducing the SOC
Icon
Using the M365 security portal
Icon
Using MCAS
Icon
Configuring Azure ATP
Icon
Investigating threats with Azure Security Center
Icon
Introducing Azure Sentinel
Icon
Microsoft Defender Security Center
Icon
Planning for business continuity and DR
Icon
Summary
16
Chapter 13: Testing and Auditing
Icon
Chapter 13: Testing and Auditing
Icon
Technical requirements
Icon
Validating controls
Icon
Vulnerability scanning
Icon
Planning for penetration testing
Icon
Security awareness and training
Icon
Summary
17
Chapter 14: Top 10 Recommendations and the Future
Icon
Chapter 14: Top 10 Recommendations and the Future
Icon
The 10 most important to-dos
Icon
The future of device security and management
Icon
Security and the future
Icon
Summary
18
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Configuring Azure ATP

Azure ATP is a cloud security service from Microsoft that's used to analyze domain network traffic. This solution is helpful for the SOC to identify attacks and malicious movements in your AD environment. Telemetry data is collected by installing the ATP sensor on a domain controller, which forwards that information to the Azure ATP cloud service for investigation using the ATP portal. The ATP portal is a unique instance to your tenant and has a similar style and feel to the other cloud-based security portals that Microsoft offers. The SOC team can use the portal to investigate alerts in a timeline view to correlate activity throughout different phases of the attack kill chain. The ATP sensor will capture the following information and forward it to the ATP service:

  • Domain controller network traffic
  • Windows events
  • Remote Authenticaion Dial-In User Service (RADIUS) account information for a VPN
  • User and computer data from AD

    Tip:

    In order...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 6
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY