Mastering Windows Security and Hardening

by Mark Dunkerley, Matt Tumbarello

Cybersecurity

Book Details

Book Title: Mastering Windows Security and Hardening: Secure and protect your Windows environment from cyber threats using zero-trust security principles, 2nd Edition
Author: Mark Dunkerley, Matt Tumbarello
Publisher: Packt Publishing
Publication Date: 2022
ISBN: 9781803236544
Number of Pages: 719
Language: English
Format: PDF
File Size: 10.2 MB
Subject: Windows Security

Table of Contents

  • Mastering Windows Security and Hardening, Second Edition
  • Contributors
  • About the authors
  • About the reviewer
  • Preface
  • Part 1: Getting Started and Fundamentals
  • Chapter 1: Fundamentals of Windows Security
  • Understanding the security transformation
  • Living in today’s digital world
  • Today’s threats
  • Ransomware preparedness
  • Identifying vulnerabilities
  • Recognizing breaches
  • Current security challenges
  • Focusing on zero trust
  • Summary
  • Chapter 2: Building a Baseline
  • Overview of baselining
  • Introduction to policies, standards, procedures, and guidelines
  • Incorporating change management
  • Implementing a security framework
  • Building baseline controls
  • Incorporating best practices
  • Summary
  • Chapter 3: Hardware and Virtualization
  • Technical requirements
  • Physical servers and virtualization
  • Introduction to hardware certification
  • The firmware interface, TPM, and Secure Boot
  • Isolated protection with VBS
  • Protecting data from lost or stolen devices
  • Hardware security recommendations and best practices
  • Summary
  • Chapter 4: Networking Fundamentals for Hardening Windows
  • Technical requirements
  • Network security fundamentals
  • Understanding Windows network security
  • Windows Defender Firewall and Advanced Security
  • Web protection features in Microsoft Defender for Endpoint
  • Introducing Azure network security
  • Summary
  • Chapter 5: Identity and Access Management
  • Technical requirements
  • Identity and access management overview
  • Implementing account and access management
  • Understanding authentication, MFA, and going passwordless
  • Using Conditional Access and Identity Protection
  • Summary
  • Part 2: Applying Security and Hardening
  • Chapter 6: Administration and Policy Management
  • Technical requirements
  • Understanding device administration
  • Managing devices with Configuration Manager
  • Managing devices with Intune
  • Administering a security baseline
  • Summary
  • Chapter 7: Deploying Windows Securely
  • Technical requirements
  • Device provisioning and upgrading Windows
  • Building hardened Windows images
  • Provisioning devices with Windows Autopilot
  • Deploying images to Azure Virtual Desktop
  • Deploying Windows 365 Cloud PC
  • Summary
  • Chapter 8: Keeping Your Windows Client Secure
  • Technical requirements
  • Securing your Windows clients
  • Staying updated with Windows Update for Business
  • Enforcing policies and configurations
  • Enabling BitLocker to prevent data theft
  • Going passwordless with Windows Hello for Business
  • Configuring a device compliance policy
  • Deploying Windows Security Baselines
  • Configuring Windows Security features
  • Summary
  • Chapter 9: Advanced Hardening for Windows Clients
  • Technical requirements
  • Securing enterprise web browsers
  • Securing Microsoft 365 apps
  • Advanced protection features with Microsoft Defender
  • Summary
  • Chapter 10: Mitigating Common Attack Vectors
  • Technical requirements
  • Preventing an Adversary-in-the-Middle attack
  • Protecting against lateral movement and privilege escalation
  • Windows privacy settings
  • Summary
  • Chapter 11: Server Infrastructure Management
  • Technical requirements
  • Overview of the data center and the cloud (IaaS, PaaS, and SaaS)
  • Implementing access management in Windows servers
  • Understanding Windows Server management tools
  • Using Azure services to manage Windows servers
  • Connecting securely to Windows servers remotely
  • Summary
  • Chapter 12: Keeping Your Windows Server Secure
  • Technical requirements
  • Windows Server versions
  • Security roles in Windows Server
  • Configuring Windows updates
  • Configuring Windows Defender
  • Hardening Windows Server
  • Deploying application control policies using WDAC
  • Implementing PowerShell security
  • Summary
  • Part 3: Protecting, Detecting, and Responding for Windows Environments
  • Chapter 13: Security Monitoring and Reporting
  • Technical requirements
  • MDE features
  • Onboarding Windows clients into MDE
  • Collecting telemetry with Azure Monitor Logs
  • Monitoring with Azure Monitor and activity logs
  • Overview of Microsoft Defender for Cloud
  • Reporting in MEM
  • Monitoring the health and update status of Office apps
  • Summary
  • Chapter 14: Security Operations
  • Technical requirements
  • Introducing the SOC
  • Understanding XDR
  • Using the M365 Defender portal
  • Security operations with MDE
  • Investigating threats with Defender for Cloud
  • Enabling Azure-native SIEM with Microsoft Sentinel
  • Protecting apps with MDCA
  • Monitoring hybrid environments with MDI
  • Data protection with M365
  • Planning for business continuity
  • Summary
  • Chapter 15: Testing and Auditing
  • Technical requirements
  • Validating security controls
  • Vulnerability scanning overview
  • Planning for penetration testing
  • An insight into security awareness, training, and testing
  • Summary
  • Chapter 16: Top 10 Recommendations and the Future
  • The 10 most important to-do's
  • The future of device security and management
  • Security and the future
  • Summary
  • Why subscribe?
  • Other Books You May Enjoy
  • Packt is searching for authors like you
  • Share Your Thoughts