Book description
PART OF THE NEW JONES & BARTLETT LEARNING INFORMATION SYSTEMS SECURITY & ASSURANCE SERIES!
More than 90 percent of individuals, students, educators, businesses, organizations, and governments use Microsoft Windows, which has experienced frequent attacks against its well-publicized vulnerabilities. Written by an industry expert, Security Strategies in Windows Platforms and Applications focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system. Particular emphasis is placed on Windows XP, Vista, and 7 on the desktop, and Windows Server 2003 and 2008 versions. It highlights how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. The book also includes a resource for readers desiring more information on Microsoft Windows OS hardening, application security, and incident management. With its accessible writing style, and step-by-step examples, this must-have resource will ensure readers are educated on the latest Windows security strategies and techniques.
Table of contents
- Copyright
- Preface
- Acknowledgments
-
ONE. The Microsoft Windows Security Situation
-
1. Microsoft Windows and the Threat Landscape
- Information Systems Security
- Tenets of Information Security: The A-I-C Triad
- Mapping Microsoft Windows and Applications Into a Typical IT Infrastructure
- Microsoft's End User Licensing Agreement (EULA)
- Windows Threats and Vulnerabilities
- Anatomy of Microsoft Windows Vulnerabilities
- Discovery-Analysis-Remediation Cycle
- Common Forms of Attack
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 1 ASSESSMENT
-
2. Security in the Microsoft Windows Operating System
- Operating System Components and Architecture
- Basic Windows Operating System Architecture
- Access Controls and Authentication
- Security Access Tokens, Rights, and Permissions
- Users, Groups, and Active Directory
- Windows Attack Surfaces and Mitigation
- Fundamentals of Microsoft Windows Security Monitoring and Maintenance
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 2 ASSESSMENT
-
1. Microsoft Windows and the Threat Landscape
-
TWO. Managing and Maintaining Microsoft Windows Security
-
3. Access Controls in Microsoft Windows
- The Principle of Least Privilege
- Access Models: Identification, Authentication, Authorization, ACLs, and More
- Windows Objects and Access Controls
- SIDs, GUIDs, and CLSIDs
- Calculating Microsoft Windows Access Permissions
- Auditing and Tracking Windows Access
- Microsoft Windows Access Management Tools
- Best Practices for Microsoft Windows Access Control
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 3 ASSESSMENT
-
4. Microsoft Windows Encryption Tools and Technologies
- Encryption Methods Microsoft Windows Supports
- Encrypting File System, BitLocker, and BitLocker To Go
- Enabling File-, Folder-, and Volume-Level Encryption
- Encryption in Communications
- Encryption Protocols in Microsoft Windows
- Microsoft Windows and Security Certificates
- Public Key Infrastructure
- Best Practices for Windows Encryption Techniques
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 4 ASSESSMENT
- 5. Protecting Microsoft Windows Against Malware
-
6. Group Policy Control in Microsoft Windows
- Group Policy and Group Policy Objects
- Making Group Policy Conform to Security Policy
- Types of GPOs in the Registry
- Types of GPOs in Active Directory
- Designing, Deploying, and Tracking Group Policy Controls
- Auditing and Managing Group Policy
- Best Practices for Microsoft Windows Group Policy and Processes
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 6 ASSESSMENT
-
7. Microsoft Windows Security Profile and Audit Tools
- Profiling Microsoft Windows Security
- Microsoft Baseline Security Analyzer (MBSA)
- Shavlik Security Analyzers
- Secunia Personal and Corporate Security Analyzers
- Microsoft Windows Security Audit
- Microsoft Windows Security Audit Tools
- Best Practices for Microsoft Windows Security Audits
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 7 ASSESSMENT
-
8. Microsoft Windows Backup and Recovery Tools
- Microsoft Windows Operating System (OS) and Application Backup and Recovery
- Workstation, Server, Network, and Internet Backup Techniques
- Microsoft Windows and Application Backup and Recovery in a Business Continuity Recovery Setting
- Microsoft Windows Backup and Restore Utility
- Rebuilding Systems from Bare Metal
- Managing Backups with Virtual Machines
- Best Practices for Microsoft Windows Backup and Recovery
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 8 ASSESSMENT
-
9. Microsoft Windows Network Security
- Network Security
- Principles of Microsoft Windows Network Security
- Microsoft Windows Security Protocols and Services
- Securing Microsoft Windows Environment Network Services
- Securing Microsoft Windows Wireless Networking
- Microsoft Windows Desktop Network Security
- Microsoft Windows Server Network Security
- Best Practices for Microsoft Windows Network Security
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 9 ASSESSMENT
-
10. Microsoft Windows Security Administration
- Security Administration Overview
- Maintaining the A-I-C Triad in the Microsoft Windows OS World
- Microsoft Windows OS Security Administration
- Ensuring Due Diligence and Regulatory Compliance
- The Need for Security Policies, Standards, Procedures, and Guidelines
- Best Practices for Microsoft Windows OS Security Administration
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 10 ASSESSMENT
-
3. Access Controls in Microsoft Windows
-
THREE. Microsoft Windows OS and Application Security Trends and Directions
-
11. Hardening the Microsoft Windows Operating System
- Understanding the Hardening Process and Mindset
- Hardening Microsoft Windows Operating System Authentication
- Hardening the Network Infrastructure
- Securing Directory Information and Operations
- Hardening Microsoft Windows OS Administration
- Hardening Microsoft Servers and Client Computers
- Hardening Data Access and Controls
- Hardening Communications and Remote Access
- Hardening PKI
- User Security Training and Awareness
- Best Practices for Hardening Microsoft Windows OS and Applications
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 11 ASSESSMENT
- 12. Microsoft Application Security
-
13. Microsoft Windows Incident Handling and Management
- Understanding and Handling Security Incidents Involving Microsoft Windows OS and Applications
- Formulating an Incident Response Plan
- Handling Incident Response
- Incident Handling and Management Tools for Microsoft Windows and Applications
- Investigating Microsoft Windows and Applications Incidents
- Acquiring and Managing Incident Evidence
- Best Practices for Handling Microsoft Windows OS and Applications Incidents and Investigations
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 13 ASSESSMENT
-
14. Microsoft Windows and the Security Life Cycle
- Understanding System Life Cycle Phases
- Managing Microsoft Windows OS and Application Software Security
- Developing Secure Microsoft Windows OS and Application Software
- Implementing, Evaluating, and Testing Microsoft Windows OS and Application Software Security
- Maintaining the Security of Microsoft Windows OS and Application Software
- Microsoft Windows OS and Application Software Revision, Change Management, and End-of-Life Phaseout
- Best Practices for Microsoft Windows and Application Software Development Security Investigations
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 14 ASSESSMENT
-
15. Best Practices for Microsoft Windows and Application Security
- Basic Rules of Microsoft Windows OS and Application Security
- Audit and Remediation Cycles
- Security Policy Conformance Checks
- Security Baseline Analysis
- OS and Application Checks and Upkeep
- Network Management Tools and Policies
- Software Testing, Staging, and Deployment
- Compliance/Currency Tests on Network Entry
- Trends in Microsoft Windows OS and Application Security Management
- CHAPTER SUMMARY
- KEY CONCEPTS AND TERMS
- CHAPTER 15 ASSESSMENT
-
11. Hardening the Microsoft Windows Operating System
- A. Answer Key
- B. Standard Acronyms
- Glossary of Key Terms
- References
Product information
- Title: Security Strategies in Windows Platforms and Applications
- Author(s):
- Release date: November 2010
- Publisher(s): Jones & Bartlett Learning
- ISBN: 9780763791940
You might also like
book
Security Strategies in Windows Platforms and Applications, 3rd Edition
Revised and updated to keep pace with this ever changing field, Security Strategies in Windows Platforms …
book
Security Strategies in Linux Platforms and Applications, 2nd Edition
The Second Edition of Security Strategies in Linux Platforms and Applications covers every major aspect of …
book
The .NET Developer's Guide to Windows Security
"As usual, Keith masterfully explains complex security issues in down-to-earth and easy-to-understand language. I bet you'll …
book
Windows Virus and Malware Troubleshooting
Make your PCs as secure as possible and limit the routes of attack and safely and …