Chapter 8. Windows Security
IN THIS CHAPTER
Out-of-the-box operating system hardening
Installing applications
Putting the workstation on the network
Operating Windows safely
The importance of upgrades and patches
Maintaining and testing security
Known attacks against Windows workstations
Windows security is an important component of the overall security of a network or enterprise. The Windows workstation holds a critical position in a defense-in-depth strategy. Figure 8-1 illustrates the defense-in-depth strategy.
Defense-in-depth is a general methodology to slow down and obstruct an attacker. Defense-in-depth can also reduce the damage that occurs from an attack or other security incident. Should any one security control (defense) fail, defense-in-depth slows an attacker down by ensuring that there are still more obstacles in the way. This approach might give administrators time to discover and react to the threat. The "onion" shown in Figure 8-1 has the following layers of protection:
Managing users—The vigilance and security awareness of users can be crucial to all the other security controls being effective.
Harden hosts—Default features are prime targets for attackers and always make the Top 10 on vulnerability lists.
Virtual local area network (VLAN) separation—Trusted but separate; no one aside from payroll personnel and administrators has a need to be able to reach payroll workstations.
Server separation—Provide a place of enhanced security for high-value targets.
Wide area network (WAN) ...
Get Network Security Bible, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
