Second Defensive Layer: Reduce the First-Layer Attack Surface
Reducing the attack surface for Windows means following the basic Windows security precautions that you will find in any security best practice guide. Eliminate or disable all unnecessary applications, services, and network protocols (Minesweeper is not a necessary application on an SQL Server no matter how bored you get waiting for a data-mining query to complete). Rename, disable, and/or delete unnecessary accounts (including the built-in administrator account once you have created an alternative account and assigned it administrator group membership). Limit the user rights, privileges, and group membership of accounts to only what they need to perform the function they are designed ...
Get Seven Deadliest Microsoft Attacks now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
