Mastering Windows Security and Hardening - Second Edition

Mastering Windows Security and Hardening: Secure and protect your Windows environment from cyber threats using zero-trust security principles, Second Edition

By Mark Dunkerley, Matt Tumbarello
Book Aug 2022 816 pages 2nd Edition

Chapter 1: Fundamentals of Windows Security

In recent times, cybersecurity has become a hot topic throughout the world, and even more so with leadership teams and board members of major organizations asking the question: Are we secure? The short answer is no: no one is secure in today’s digital world, and the time has never been more critical to ensure that you are doing everything within your power to protect your organization and its users.

As we continue to receive daily news of breaches throughout the world, it is clear how severe the issue of cybercrime has become. To put it bluntly, we simply need to do a better job of protecting the data that we collect and manage within our organizations today. This isn’t an easy task, especially with the advancement of organized cyber and state-sponsored groups with budgets most likely far exceeding that of most organizations. As security professionals, we need to do our due diligence and ensure we identify all risks within the organization. Once identified, they will need to be addressed or accepted as a risk by leadership.

As a consumer, it is most likely that your data has already been breached, and there’s a chance your account information and passwords are sitting on the dark web somewhere. We need to work with the assumption that our personal data has already been breached and build better barriers around our data and account information. For example, in the US, purchasing identity protection as a service to monitor your identity can serve as an insurance policy if you incur any damages. In addition to this, the ability to place your credit reports on hold to prevent bad actors from opening accounts under your name is another example of a defensive approach that you can take to protect your personal identity.

Important Note

There are many identity protection plans available today; a couple of notable ones include Norton LifeLock (https://www.lifelock.com/) and Aura Identity Guard (https://www.identityguard.com/). For those in the US, you can lock your credit for free online at each of the Credit Bureau’s websites: Experian, Equifax, and TransUnion.

As the cybersecurity workforce continues to evolve and strengthen with more and more talented individuals, we want to help contribute to the importance of securing our data, and we hope this book will provide you with the necessary knowledge to do the right thing for your organization. As you read this book, you will not only learn the technical aspects of securing Windows, but you will also learn what else is necessary to ensure the protection of Windows and those who use it. Protecting Windows has become a lot more than making a few simple configuration changes and installing an antivirus (AV) tool. There is an entire ecosystem of controls, tools, and technologies to help protect your Windows systems and users. This means adopting a layered approach to protecting your devices, taking into consideration the network, applications, infrastructure, hardware, identity, monitoring, auditing, and much more.

As you read through this chapter, you will learn about the broader fundamentals of security and the principles behind the foundation that is needed to protect your Windows environment. Specifically, you will learn about the following topics:

  • Understanding the security transformation
  • Living in today’s digital world
  • Today’s threats
  • Ransomware preparedness
  • Identifying vulnerabilities
  • Recognizing breaches
  • Current security challenges
  • Focusing on zero trust

Understanding the security transformation

Over the years, security has evolved from being a shared role or a role that was non-existent within a business. Today, well-defined teams and organizational structures exist or are being created to focus solely on security. Not only are these teams maturing constantly, but the Chief Information Security Officer (CISO) has become a person of significant importance and may report directly to a Chief Executive Officer (CEO) and not the Chief Information Officer (CIO).

Over the years, many roles that never existed before have begun to appear within the security world, and new skill sets are always in demand. As an overview, here are some of the more common security roles that you can expect to see within a security program: CISO/CSO, Information Technology (IT) Security Director, IT Security Manager, Security Architect/Engineer, Security Analyst, Security/Compliance Officer, Security Administrator, Security Engineer, Software/Application Security Developer, Software/Application Security Engineer, Cryptographer/Cryptologist, Security Consultant/Specialist, Network Security Engineer, and Cloud Security Architect.

As an example, the following screenshot shows what a security organization may look like through an organization chart. Every organization is different, but this will provide you with a basis of what can be expected:

Figure 1.1 – Sample organization structure

One thing to point out regarding these roles is the shortage of a cybersecurity workforce throughout the world. Although an ongoing concern, the great news is that since the original version of this publication, there has been a significant increase in cybersecurity professionals worldwide, according to the cybersecurity workforce study by the International Information System Security Certification Consortium ((ISC)²). The updated (ISC)² 2021 Cybersecurity Workforce Study shows that a worldwide growth of 65% is still needed to meet the demand for cyber experts, which is significantly down from 2019 when 145% growth was needed. The study estimates that there are approximately 4.19 million cybersecurity professionals globally. This is an increase of more than 700,000 from 2020. The ongoing challenge is the growth of new positions that are continuously being created as cybersecurity programs continue to mature. This makes it difficult to find well-seasoned talent and may require you to think outside the box as you look to onboard those new to the field or looking to shift careers. You can read more about the (ISC)² 2021 Cybersecurity Workforce Study here: https://www.isc2.org/Research/Workforce-Study.

One of the primary factors for a growing need for security experts correlates to the advancement of the personal computer (or PC) and its evolution throughout the years. The PC has changed the way we connect, and with this evolution comes the supporting infrastructure, which has evolved into the many data centers seen throughout the world.

As we are all aware, Windows has been the victim of numerous vulnerabilities over the years and continues to be a victim even today. The initial idea behind the Windows Operating System (OS) was a strong focus on usability and productivity. As a result of its success and adoption across the globe, it became a common target for exploits. This, in turn, created many gaps in the security of Windows that have traditionally been filled by many other companies. A good example was the need for third-party AV software. As the world has turned more toward digitization over the years and Windows usage has continued to grow, so has the need for improved security, along with dedicated roles within this area. Protecting Windows has not been an easy task, and it continues to be an ongoing challenge.

Living in today’s digital world

Today, we are more reliant on technology than ever and live in a world where businesses cannot survive without it. As our younger generations grow up, there is greater demand for the use of advanced technology. One scary thought is how fast the world has grown within the previous 100 years compared to the overall history of mankind. Technology continues to push the boundaries of innovation, and a significant portion of that change must include the securing of this technology, especially since the world has become a more connected place with the advancement of the internet.

To give you a rough idea of technology usage today, let’s take a look at the current desktop usage throughout the world. For these statistics, we will reference an online service called StatCounter GlobalStats: https://gs.statcounter.com/. This dataset is not all-inclusive, but there is a very large sampling of data used to give us a good idea of worldwide usage. StatCounter GlobalStats collects its data through web analytics via a tracking code on over 2 million websites globally. The aggregation of this data equates to more than 10 billion page views per month. The following screenshot shows the OS market share that is in use worldwide. More information from StatCounter can be viewed at https://gs.statcounter.com/os-market-share/desktop/worldwide:

Figure 1.2 – StatCounter desktop OS market share worldwide

As you can see, Windows is more widely adopted than any other desktop OS available today. Seemingly, Windows has always had negative connotations because of its ongoing vulnerabilities in comparison to other OSs. Part of this is due to how widely used Windows is—a hacker isn’t going to waste their time on an OS that isn’t widely adopted. We can assume there would be a direct correlation between OS adoption rates and available security vulnerabilities. Additionally, the Windows OS is supported across many types of hardware, which opens opportunities for exploits to be developed. One reason why we see significantly fewer macOS vulnerabilities is the control Apple has over the hardware on which it allows its software to run. As the platform has grown, though, we have seen an increase in vulnerabilities within its OS too. The point I’m making is that we tend to focus our efforts on areas where it makes sense, and Windows has continued to be a leader in the desktop space, making it a very attractive target for attack. This, in turn, has created an ecosystem of vendors and products over the years, all aimed at helping to protect and secure Windows systems.

Let’s look at the current adoption of the different Windows OSs in use. The following screenshot from StatCounter shows the current Windows desktop version usage around the world today. To view these statistics, visit https://gs.statcounter.com/os-version-market-share/windows/desktop/worldwide:

Figure 1.3 – Desktop Windows version market share worldwide

As you can see, Windows 10 is the most adopted OS at 73%. In addition, Microsoft has recently released Windows 11, accounting for almost 9% of the desktop market share already. Microsoft continues to push more users and organizations to the latest version of Windows, and this is where it spends the majority of its development resources. There are also major changes to Windows 11 compared with older versions, which is why it is critical to migrate from older versions, especially for security-specific reasons. Microsoft ended its support (including security updates) for Windows XP in April 2014 and Windows 7 in January 2020. It has also announced the retirement of Windows 10 support for October 14, 2025.

A recent buzz term you have most likely heard in recent years is that of digital transformation. This refers to the shift from a legacy on-premises infrastructure to a modernized cloud-first strategy to support the evolving need for big data, machine learning, Artificial Intelligence (AI), and more. A significant part of this shift also falls within Windows systems and management. In Chapter 11, Server Infrastructure Management, we will look at the differences between a data center and a cloud model, including where the responsibilities fall for maintaining and securing underlying systems. Prior to digital transformation, we relied heavily on the four walls of the corporation and its network to protect a data center and its systems. This included a requirement for client devices to be physically on the corporate network in order to access data and services. With this model, our devices were a little easier to manage and lock down, as they never left the corporate office. Today, the dynamics have changed. Referencing back to StatCounter, in the following screenshot, you can see a significant shift from traditional desktop usage to a more mobile experience. The Mobile percentage reflects an increase of over 2% since the initial release of this publication 2 years ago. To view the source of this screenshot, visit https://gs.statcounter.com/platform-market-share/desktop-mobile-tablet/worldwide/#monthly-200901-202110:

Figure 1.4 – StatCounter platform comparison (January 2009 - May 2022)

Focusing on Windows security, the traditional model of an organization would have typically included the following security tools as part of its baseline:

  • AV software
  • Windows firewall
  • Internet proxy service
  • Windows updates

Depending on your organization or industry, there may have been additional tools. However, for the most part, I’d imagine the preceding list was the extent of most organizations’ security tools on Windows client devices. The same would have most likely applied to the Windows servers in the traditional model. As the digital transformation has brought change, the traditional method of Windows management has become legacy. There is an expectation that we can work and access data from anywhere, at any time. With the rapid increase in remote working during 2020 and 2021, this model and expectation have been fast-tracked. We live in an internet-connected world, and when we plug our device in, we expect to access our data with ease. With this shift, there is a major change in the security of the systems we manage and—specifically—the Windows server and client. As we shift our infrastructure to the cloud and enable our users to become less restricted, the focus of security revolves not only around the device itself but that of the user’s identity and, more importantly, the data. Today, the items we listed earlier will not suffice in the enterprise. The following tools are those that would be needed to better protect your Windows devices:

  • Advanced Threat Protection (ATP): AV and threat protection, Endpoint Detection and Response (EDR), advanced analytics and behavioral monitoring, network protection, exploit protection, and more
  • Data Loss Prevention (DLP) and information protection
  • Identity protection: Biometric technology, Multi-Factor authentication (MFA), and more
  • Application control
  • Machine learning and advanced AI security services

Today’s threats

The threat landscape within the cyber world is extremely diverse and is continually becoming more complex. The task of protecting users, data, and systems is becoming more difficult and requires the advancement of even more intelligent tools to keep bad actors out. Today, criminals are more sophisticated, and large groups have formed with significant financial backing to support their wrongdoings. The following are common sources of cyber threats: national governments, nation-states, terrorists, spies, organized crime groups, hacktivists, hackers, business competitors, and insiders/internal employees.

Tip

To learn more about these cyber-threat sources, the Department of Homeland Security (DHS) has a great reference here: https://us-cert.cisa.gov/ics/content/cyber-threat-source-descriptions.

To shed some light on real-world examples of data-breach sources today, Verizon releases an annual report, Data Breach Investigations Report. You can view their latest report here: https://enterprise.verizon.com/resources/reports/dbir/. The report is built on a set of real-world data and contains some eye-opening data on data breaches, such as the following revelations highlighted in the 2021 report:

  • 85% of breaches involved a human element.
  • 61% of breaches involved credentials.
  • 3% of breaches involved vulnerability exploitation.
  • Action variants in breaches: phishing 36%, up by 25% from 2020; use of stolen credentials 25%; ransomware 10%, which more than doubled from 2020.
  • Credentials remain one of the most wanted data types.
  • The most common motivation for attacks continues to be financial.
  • The number-one threat actor is currently organized crime.

The full 2021 report can be found here: https://www.verizon.com/business/resources/reports/dbir/2021/masters-guide/.

There are many types of cyberattacks in the world today, and this creates a diverse set of challenges for organizations. While not all threats are Windows-specific, there’s a chance that Windows is the medium or attack vector through which an attacker gains access by exploiting a vulnerability. An example of this could be an unpatched OS or an out-of-date application. Next, we list many types of threats that could cause damage directly using a vulnerability within the Windows OS or by using the Windows OS as an attack vector.

Malware is software or code designed with malicious intent that exploits vulnerabilities found within the system. The following types of threats are considered malware: adware, spyware, virus (polymorphic, multipartite, macro, or boot sector), worm, Trojan, rootkit, bots/botnets, ransomware, and logic bombs.

In addition to malware, the following types of attack techniques can be used to exploit vulnerabilities:

  • Keylogger
  • Phishing (email phishing, spear phishing, whale phishing, vishing, smishing, or pharming)
  • Social engineering
  • Business Email Compromise (BEC)
  • Structured Query Language (SQL) injection attack
  • Cross-Site Scripting (XSS)
  • Denial of Service (DoS) and Distributed Denial of Service (DDoS)
  • Session hijacking
  • Man-in-the-Middle (MITM) attacks
  • Password attacks (brute-force, dictionary, or birthday attacks)
  • Credential stuffing or reuse
  • Identity theft
  • Advanced Persistent Threats (APTs)
  • Intellectual property theft
  • Shoulder surfing
  • Golden Ticket: Kerberos attacks
  • Domain Name System (DNS) tunneling and dangling DNS
  • Zero-day

    Tip

    To learn more about the threats listed earlier, the National Institute of Standards and Technology (NIST) has a glossary that provides more information on most, if not all, of the threats in the preceding list: https://csrc.nist.gov/glossary.

Now that we’ve just reviewed today’s threats, let’s take a look at an extremely important topic that has everyone’s attention. Ransomware preparedness is on everyone’s security priority list.

Ransomware preparedness

In the previous section, we introduced many of the threats and cyberattacks that continue to challenge us as cybersecurity professionals. One specific type of malware we want to cover in more detail is ransomware. Since the original release of this publication, ransomware incidents have grown exponentially, and ransomware is currently one of the biggest threats to organizations. In short, a ransomware attack refers to an intruder encrypting data belonging to a user or organization, making it inaccessible. To regain access to their data, the user or organization is held to ransom in exchange for the decryption keys. The intruders will use many tactics to try to force payment, including threats to leak the data or list it for sale on the dark web, and even erasing backups, to name a few.

Ransomware has been around for a long time; the first documented incident, known as PC Cyborg or the AIDS Trojan, occurred in 1989. Since then, ransomware has evolved substantially into a business with high payoffs for attackers. There is even a ransomware-as-a-service (RaaS) model that allows hackers to subscribe and use the service to commit their own attacks. According to a report released by the Federal Bureau of Investigation’s (FBI’s) Internet Crime Complaint Center (IC3) (https://www.ic3.gov/), the IC3 received reports of 2,084 ransomware incidents between January and July 2021 alone. The cost of complaints from the 2,084 incidents totaled over US dollars (USD) $16.8 million. This is a 62% increase in reported incidents and a 20% increase in losses from the same period in 2020. These numbers alone show a significant increase in ransomware. You can read more on the report here: https://www.ic3.gov/Media/News/2021/210831.pdf.

When it comes to ransomware (or any other threat), the first action should be to protect your environment as best as possible. Although there is a lot that can be done to prevent ransomware from occurring, there is no way to make your environment 100% resilient to such an attack. Because of this, the second action you need to take is to be prepared to respond. Ransomware can impact anyone at any time, and the better prepared you are, the better you will be able to handle the situation and the quicker you will be able to recover your environment. Time is of the essence in these situations as you may be losing millions of dollars, customers, and a reputation that has taken years to build.

There are many great resources available for ransomware preparedness and response. Our review of ransomware preparedness and response will be referencing the following two excellent resources for recommendations and information:

First, let’s review some best practices for protecting your environment from a ransomware attack. A lot of the following recommendations should be part of your standard security best practices, but it’s best to review and validate any gaps you may have in your infrastructure:

  • Enforce MFA, use least privileges or just-enough privilege, and implement Privileged Access Management (PAM) and Privileged Identity Management (PIM).
  • Patch and update all software and OSs (including network devices) to the latest supported versions.
  • Ensure you are using the latest protection solutions including EDR or Extended Detection and Response (XDR).
  • Implement next-generation network protection: firewalls, Intrusion and Detection Prevention (IDP), Intrusion Prevention Systems (IPSs), and so on.
  • Implement network segmentation.
  • Restrict the use of scripting to approved users.
  • Secure your Domain Controllers (DCs).
  • Block access to malicious sites.
  • Only allow trusted devices on your network.
  • Disable the use of macros.
  • Only allow approved software to be used by your users.
  • Remove local admin permissions.
  • Enable advanced filtering for email.
  • Use Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting, and Conformance (DMARC).
  • Block the Server Message Block (SMB) outbound protocol and remove outdated versions.
  • Follow best practices to harden your end-user and infrastructure devices.
  • Protect your cloud environment with best practices, especially public file shares.
  • Review your remote strategy and ensure outside connections into your environment are secure. If Remote Desktop Protocol (RDP) is needed, ensure best practices are deployed.
  • For backups, maintain an offline backup or air gap, encrypt all backups, and validate recovery by testing regularly.
  • Implement and focus attention on a well-defined Vulnerability Management Program (VMP).
  • Implement a good cybersecurity and awareness program. Train users not to click on links or open attachments unless they are confident they are legitimate.
  • Build a mature Vendor Risk Management (VRM) program.

This is a very high-level summary and may not be inclusive of everything that you may need to account for when protecting your network from a ransomware attack. This is a great starting point, but a lot of effort and time will be needed to best protect against malicious attackers.

Additional Information

The preceding list has been derived from the CISA Ransomware Guide (https://www.cisa.gov/sites/default/files/publications/CISA_MS-ISAC_Ransomware Guide_S508C_.pdf) and the NIST Tips and Tactics | Preparing Your Organization for Ransomware Attacks document (https://csrc.nist.gov/CSRC/media/Projects/ransomware-protection-and-response/documents/NIST_Tips_for_Preparing_for_Ransomware_Attacks.pdf), which contain a lot more detail for review.
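
A read-only spot check for four of the Windows-specific items in the preceding list (outdated SMB versions, outbound SMB, local admin permissions, and macros), given here as an added example that is not from the book. The function names `New-AuditResult` and `Test-RansomwareHardening` are hypothetical, and the Office policy path assumes Office 2016 or later (version key `16.0`).

```powershell
# Added example (not from the book): read-only spot check of four hardening items.
# Run in an elevated Windows PowerShell 5.1+ session; nothing on the host is changed.

function New-AuditResult {            # hypothetical helper
    param([string]$Control, [bool]$Pass, [string]$Detail)
    [pscustomobject]@{
        Control = $Control
        Status  = if ($Pass) { 'Pass' } else { 'Review' }
        Detail  = $Detail
    }
}

function Test-RansomwareHardening {   # hypothetical name
    [CmdletBinding()]
    param()

    # "Remove outdated versions" of SMB: the SMBv1 server protocol should be off.
    try {
        $smb = Get-SmbServerConfiguration -ErrorAction Stop
        $detail = "EnableSMB1Protocol = $($smb.EnableSMB1Protocol)"
        New-AuditResult 'SMBv1 server disabled' (-not $smb.EnableSMB1Protocol) $detail
    } catch {
        New-AuditResult 'SMBv1 server disabled' $false "Query failed: $($_.Exception.Message)"
    }

    # "Block the SMB outbound protocol": look for an enabled outbound block rule on TCP 445.
    # ActiveStore is the effective rule set (local plus Group Policy). Port ranges and
    # address or profile scoping are not evaluated, so a Pass still deserves a manual look.
    try {
        $rules = @(Get-NetFirewallRule -PolicyStore ActiveStore -ErrorAction Stop |
            Where-Object {
                $_.Enabled -eq 'True' -and $_.Direction -eq 'Outbound' -and $_.Action -eq 'Block'
            } |
            Where-Object {
                $filter = $_ | Get-NetFirewallPortFilter
                $filter.Protocol -eq 'TCP' -and $filter.RemotePort -contains '445'
            })
        $detail = "Matching rules: $(($rules | ForEach-Object DisplayName) -join '; ')"
        New-AuditResult 'Outbound SMB (TCP 445) blocked' ($rules.Count -gt 0) $detail
    } catch {
        New-AuditResult 'Outbound SMB (TCP 445) blocked' $false "Query failed: $($_.Exception.Message)"
    }

    # "Remove local admin permissions": list members of BUILTIN\Administrators
    # (well-known SID S-1-5-32-544) other than the built-in Administrator (RID 500).
    try {
        $extra = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop |
            Where-Object { $_.SID.Value -notmatch '-500$' })
        $detail = "Members besides built-in Administrator: $(($extra | ForEach-Object Name) -join '; ')"
        New-AuditResult 'No extra local administrators' ($extra.Count -eq 0) $detail
    } catch {
        New-AuditResult 'No extra local administrators' $false "Query failed: $($_.Exception.Message)"
    }

    # "Disable the use of macros": per-user Office policy for the current user.
    # VBAWarnings 4 = disable all macros without notification, 3 = signed macros only.
    foreach ($app in 'Word', 'Excel', 'PowerPoint') {
        $key    = "HKCU:\Software\Policies\Microsoft\Office\16.0\$app\Security"
        $policy = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        $warn   = $policy.VBAWarnings
        $detail = "VBAWarnings = '$warn'; blockcontentexecutionfrominternet = " +
                  "'$($policy.blockcontentexecutionfrominternet)'"
        New-AuditResult "$app macros restricted by policy" ($warn -in 3, 4) $detail
    }
}

Test-RansomwareHardening | Format-Table -AutoSize -Wrap
```

A `Review` status means the setting needs a closer look on that host; for example, a domain admin group in the local Administrators group is reported even where it is expected.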

As already stated, there is no way of completely preventing a ransomware attack in any environment—it could happen to anyone. No matter how much you protect your environment, there will always be a way to circumvent it. Because of this, the next best action you can take is responsiveness. Being prepared and ready to respond to a ransomware attack will allow you to handle the situation much more efficiently and get your environment up and running much faster. Here are some critical items to help with your response:

  • Have an up-to-date Incident Response Plan (IRP). This should include all critical information needed to respond to a ransomware attack, including contact information (local law enforcement), responsibilities, communications, and so on.
  • Ensure you have a ransomware playbook as part of your IRP.
  • Ensure you have a well-documented Disaster Recovery (DR) plan and Business Continuity Plan (BCP) that is up to date and tested.
  • Ensure you have a mature Security Operations Center (SOC) or Managed Security Service Provider (MSSP).
  • Conduct a tabletop exercise using ransomware as your theme. Ensure executives are involved in these exercises as they will ultimately need to make some of the important final decisions.
  • Carry cybersecurity insurance and understand what options are available with ransomware payment from your cyber insurance policy if this becomes a decision point. Check if you need to obtain a cryptocurrency account or if this is part of the service they provide. Make sure you are not breaking any laws if payment will proceed.
  • At a minimum, contract with a couple of respected Incident Response (IR) vendors with whom you have Service Level Agreements (SLAs) for engagement. Ensure that they also provide Digital Forensics Incident Response (DFIR) and are approved for use by your cybersecurity insurance policy. A couple to review are Secureworks (https://www.secureworks.com/services/incident-response/incident-management-retainer) and KPMG (https://advisory.kpmg.us/services/cyber-response-services.html).

    Information

    We will cover the IRP in more detail in Chapter 14, Security Operations.

Everything we have covered for ransomware response should be part of the overall hardening of your environment as part of your security program. Implementing these recommendations will help protect you against many threats. In addition, having an IRP is intended for any security incident within your environment, and this should be a requirement for your security program in general. As we take you through this book, you will learn how to harden your Windows environment to best protect yourself from a ransomware attack.

Key benefits

  • Learn to protect your Windows environment using zero-trust and a multi-layered security approach
  • Implement security controls using Intune, Configuration Manager, Defender for Endpoint, and more
  • Understand how to onboard modern cyber-threat defense solutions for Windows clients

Description

Are you looking for the most current and effective ways to protect Windows-based systems from being compromised by intruders? This updated second edition is a detailed guide that helps you gain the expertise to implement efficient security measures and create robust defense solutions using modern technologies. The first part of the book covers security fundamentals with details around building and implementing baseline controls. As you advance, you’ll learn how to effectively secure and harden your Windows-based systems through hardware, virtualization, networking, and identity and access management (IAM). The second section will cover administering security controls for Windows clients and servers with remote policy management using Intune, Configuration Manager, Group Policy, Defender for Endpoint, and other Microsoft 365 and Azure cloud security technologies. In the last section, you’ll discover how to protect, detect, and respond with security monitoring, reporting, operations, testing, and auditing. By the end of this book, you’ll have developed an understanding of the processes and tools involved in enforcing security controls and implementing zero-trust security principles to protect Windows systems.

What you will learn

  • Build a multi-layered security approach using zero-trust concepts
  • Explore best practices to implement security baselines successfully
  • Get to grips with virtualization and networking to harden your devices
  • Discover the importance of identity and access management
  • Explore Windows device administration and remote management
  • Become an expert in hardening your Windows infrastructure
  • Audit, assess, and test to ensure controls are successfully applied and enforced
  • Monitor and report activities to stay on top of vulnerabilities

Product Details

Publication date : Aug 19, 2022
Length : 816 pages
Edition : 2nd Edition
Language : English
ISBN-13 : 9781803236544
Category :
Concepts :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon AI Assistant (beta) to help accelerate your learning
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want

Product Details

Publication date : Aug 19, 2022
Length 816 pages
Edition : 2nd Edition
Language : English
ISBN-13 : 9781803236544
Category :
Concepts :

Packt Subscriptions

See our plans and pricing

$19.99 billed monthly

  • Unlimited access to Packt's library of 7,000+ practical books and videos
  • Constantly refreshed with 50+ new titles a month
  • Exclusive early access to books as they're written
  • Solve problems while you work with advanced search and reference features
  • Offline reading on the mobile app
  • Simple pricing, no contract

$199.99 billed annually

  • Unlimited access to Packt's library of 7,000+ practical books and videos
  • Constantly refreshed with 50+ new titles a month
  • Exclusive early access to books as they're written
  • Solve problems while you work with advanced search and reference features
  • Offline reading on the mobile app
  • Choose a DRM-free eBook or Video every month to keep
  • PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
  • Exclusive print discounts

$279.99 billed in 18 months

  • Unlimited access to Packt's library of 7,000+ practical books and videos
  • Constantly refreshed with 50+ new titles a month
  • Exclusive early access to books as they're written
  • Solve problems while you work with advanced search and reference features
  • Offline reading on the mobile app
  • Choose a DRM-free eBook or Video every month to keep
  • PLUS own as many other DRM-free eBooks or Videos as you like for just $5 each
  • Exclusive print discounts


Table of Contents

21 Chapters

  • Preface
  • Part 1: Getting Started and Fundamentals
  • Chapter 1: Fundamentals of Windows Security
  • Chapter 2: Building a Baseline
  • Chapter 3: Hardware and Virtualization
  • Chapter 4: Networking Fundamentals for Hardening Windows
  • Chapter 5: Identity and Access Management
  • Part 2: Applying Security and Hardening
  • Chapter 6: Administration and Policy Management
  • Chapter 7: Deploying Windows Securely
  • Chapter 8: Keeping Your Windows Client Secure
  • Chapter 9: Advanced Hardening for Windows Clients
  • Chapter 10: Mitigating Common Attack Vectors
  • Chapter 11: Server Infrastructure Management
  • Chapter 12: Keeping Your Windows Server Secure
  • Part 3: Protecting, Detecting, and Responding for Windows Environments
  • Chapter 13: Security Monitoring and Reporting
  • Chapter 14: Security Operations
  • Chapter 15: Testing and Auditing
  • Chapter 16: Top 10 Recommendations and the Future
  • Other Books You May Enjoy

Customer reviews

Rating distribution
Overall rating: 5 (1 Ratings)
5 star 100%
4 star 0%
3 star 0%
2 star 0%
1 star 0%
N/A, Feb 19, 2024: rating 5 (Feefo verified review)

FAQs

How do I buy and download an eBook?

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe Reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing

When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the eBook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else

How can I make a purchase on your website?

If you want to purchase a video course, eBook or Bundle (Print+eBook), please follow the steps below:

  1. Register on our website using your email address and a password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Card, or PayPal).

Where can I access support around an eBook?

  • If you experience a problem with using or installing Adobe Reader, then contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us

What eBook formats does Packt support?

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks?

  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower in price than print
  • They save resources and space

What is an eBook?

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply log in to your account and click on the link in Your Download Area. We recommend saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.