Security Strategies in Windows Platforms and Applications 3rd Edition by Michael G. Solomon, ISBN-13: 978-1284175622
[PDF eBook eTextbook]
- Publisher: Jones & Bartlett Learning; 3rd edition (October 23, 2019)
- Language: English
- 374 pages
- ISBN-10: 1284175626
- ISBN-13: 978-1284175622
Revised and updated to keep pace with this ever changing field, Security Strategies in Windows Platforms and Applications, Third Edition focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system, placing a particular emphasis on Windows 10, and Windows Server 2016 and 2019. The Third Edition highlights how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. The book also includes a resource for readers desiring more information on Microsoft Windows OS hardening, application security, and incident management. With its accessible writing style, and step-by-step examples, this must-have resource will ensure readers are educated on the latest Windows security strategies and techniques.
Table of Contents:
Preface
Acknowledgments
About the Author
PART I The Microsoft Windows Security Situation
CHAPTER 1 Microsoft Windows and the Threat Landscape
Information Systems Security
Tenets of Information Security: The C-I-A Triad
Confidentiality
Integrity
Availability
Mapping Microsoft Windows and Applications into a Typical IT Infrastructure
Windows Clients
Windows Servers
Microsoft’s End-User License Agreement
Windows Threats and Vulnerabilities
Anatomy of Microsoft Windows Vulnerabilities
CryptoLocker
Locky
WannaCry
Discovery-Analysis-Remediation Cycle
Discovery
Analysis
Remediation
Common Forms of Attack
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 1 ASSESSMENT
CHAPTER 2 Security in the Microsoft Windows Operating System
Operating System Components and Architecture
The Kernel
Operating System Components
Basic Windows Operating System Architecture
Windows Run Modes
Kernel Mode
User Mode
Access Controls and Authentication
Authentication Methods
Access Control Methods
Security Access Tokens, Rights, and Permissions
Security Identifier
Access Rules, Rights, and Permissions
Users, Groups, and Active Directory
Workgroups
Active Directory
Windows Attack Surfaces and Mitigation
Multilayered Defense
Mitigation
Fundamentals of Microsoft Windows Security Monitoring and Maintenance
Security Monitoring
Identify Vulnerabilities
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 2 ASSESSMENT
PART II Managing and Maintaining Microsoft Windows Security
CHAPTER 3 Access Controls in Microsoft Windows
The Principle of Least Privilege
The Orange Book
Least Privilege and LUAs
Rights and Permissions
Access Models: Identification, Authentication, Authorization, ACLs, and More
Windows Server 2012, Windows Server 2016, and Windows Server 2019 Dynamic Access Control
User Account Control
Sharing SIDs and SATs
Managed Service Accounts
Kerberos
Windows Objects and Access Controls
Windows DACLs
DACL Advanced Permissions
SIDs, Globally Unique Identifiers, and Class Identifiers
Calculating Microsoft Windows Access Permissions
Auditing and Tracking Windows Access
Expression-Based Security Audit Policy (Windows Server 2012 and Newer)
Microsoft Windows Access Management Tools
Cacls.exe
Icacls.exe
Best Practices for Microsoft Windows Access Control
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 3 ASSESSMENT
CHAPTER 4 Microsoft Windows Encryption Tools and Technologies
Encryption Methods Microsoft Windows Supports
Encrypting File System, BitLocker, and BitLocker To Go
Encrypting File System
BitLocker
BitLocker To Go
Enabling File-, Folder-, and Volume-Level Encryption
Enabling EFS
Enabling BitLocker
Enabling BitLocker To Go
Encryption in Communications
Encryption Protocols in Microsoft Windows
TLS
IPSec
Virtual Private Network
Wireless Security
Microsoft Windows and Security Certificates
Public Key Infrastructure
Best Practices for Windows Encryption Techniques
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 4 ASSESSMENT
CHAPTER 5 Protecting Microsoft Windows against Malware
The Purpose of Malware
Types of Malware
Virus
Worm
Trojan Horse
Rootkit
Spyware
Ransomware
Malware Type Summary
Anti-Malware Software
Antivirus Software
Anti-Spyware Software
Malware Mitigation Techniques
Importance of Updating Your Software
Maintaining a Malware-Free Environment
Scanning and Auditing Malware
Tools and Techniques for Removing Malware
Malware Prevention Best Practices
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 5 ASSESSMENT
CHAPTER 6 Group Policy Control in Microsoft Windows
Group Policy and Group Policy Objects
Group Policy Settings
GPO Linking
Making Group Policy Conform to Security Policy
Security Responsibility
Security Policy and Group Policy
Group Policy Targets
Types of GPOs in the Registry
Local Group Policy Editor
GPOs in the Registry Editor
Types of GPOs in Active Directory
Group Policy Management Console
GPOs on the Domain Controller
Designing, Deploying, and Tracking Group Policy Controls
GPO Application Order
Security Filters
GPO Windows Management Instrumentation Filters
Deploying Group Policy
Auditing and Managing Group Policy
Group Policy Inventory
Analyzing the Effect of GPOs
Best Practices for Microsoft Windows Group Policy and Processes
Group Policy Design Guidelines
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 6 ASSESSMENT
CHAPTER 7 Microsoft Windows Security Profile and Audit Tools
Profiling Microsoft Windows Security
Profiling
Profiling Windows Computers
Microsoft Baseline Security Analyzer
MBSA Graphical User Interface
MBSA Command-Line Interface
OpenVAS
Nessus Essentials
Burp Suite Web Vulnerability Scanner
Microsoft Windows Security Audit
Microsoft Windows Security Audit Tools
Best Practices for Microsoft Windows Security Audits
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 7 ASSESSMENT
CHAPTER 8 Microsoft Windows Backup and Recovery Tools
Microsoft Windows Operating System and Application Backup and Recovery
The Need for Backups
The Backup Process
The Restore Process
Workstation, Server, Network, and Cloud Backup Techniques
Workstation Backups
Server Backups
Network Backups
Cloud Backups
Microsoft Windows and Application Backup and Recovery in a Business Continuity Setting
Disaster Recovery Plan
Business Continuity Plan
Where a Restore Fits In
Microsoft Windows Backup and Restore Utility
Restoring with the Windows Backup and Restore Utility
Restoring with the Windows Server Recovery Utility
Rebuilding Systems from Bare Metal
Managing Backups with Virtual Machines
Best Practices for Microsoft Windows Backup and Recovery
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 8 ASSESSMENT
CHAPTER 9 Microsoft Windows Network Security
Network Security
Network Security Controls
Principles of Microsoft Windows Network Security
Common Network Components
Connection Media
Networking Devices
Server Computers and Services Devices
Microsoft Windows Security Protocols and Services
Securing Microsoft Windows Environment Network Services
Service Updates
Service Accounts
Necessary Services
Securing Microsoft Windows Wireless Networking
Microsoft Windows Workstation Network Security
User Authorization and Authentication
Malicious Software Protection
Outbound Traffic Filtering
Microsoft Windows Server Network Security
Authentication and Authorization
Malicious Software Protection
Network Traffic Filtering
Internal Network and Cloud Security
IPv4 versus IPv6
Cloud Computing
Best Practices for Microsoft Windows Network Security
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 9 ASSESSMENT
CHAPTER 10 Microsoft Windows Security Administration
Security Administration Overview
The Security Administration Cycle
Security Administration Tasks
Maintaining the C-I-A Triad in the Microsoft Windows OS World
Maintaining Confidentiality
Maintaining Integrity
Maintaining Availability
Microsoft Windows OS Security Administration
Firewall Administration
Performance Monitor
Backup Administration
Operating System Service Pack Administration
Group Policy Administration
DACL Administration
Encryption Administration
Anti-Malware Software Administration
Ensuring Due Diligence and Regulatory Compliance
Due Diligence
The Need for Security Policies, Standards, Procedures, and Guidelines
Best Practices for Microsoft Windows OS Security Administration
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 10 ASSESSMENT
PART III Microsoft Windows OS and Application Security Trends and Directions
CHAPTER 11 Hardening the Microsoft Windows Operating System
Understanding the Hardening Process and Mindset
Strategies to Secure Windows Computers
Install Only What You Need
Security Compliance Toolkit
Manually Disabling and Removing Programs and Services
Hardening Microsoft Windows Operating System Authentication
Hardening the Network Infrastructure
Securing Directory Information and Operations
Hardening Microsoft Windows OS Administration
Hardening Microsoft Servers and Client Computers
Hardening Server Computers
Hardening Workstation Computers
Hardening Data Access and Controls
Hardening Communications and Remote Access
Authentication Servers
VPNs and Encryption
Hardening PKI
User Security Training and Awareness
Best Practices for Hardening Microsoft Windows OS and Applications
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 11 ASSESSMENT
CHAPTER 12 Microsoft Application Security
Principles of Microsoft Application Security
Common Application Software Attacks
Hardening Applications
Securing Key Microsoft Client Applications
Web Browser
Email Client
Productivity Software
File Transfer Software
AppLocker
Securing Key Microsoft Server Applications
Web Server
Email Server
Database Server
Enterprise Resource Planning Software
Line of Business Software
Cloud-Based Software
Case Studies in Microsoft Application Security
Best Practices for Securing Microsoft Windows Applications
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 12 ASSESSMENT
CHAPTER 13 Microsoft Windows Incident Handling and Management
Understanding and Handling Security Incidents Involving Microsoft Windows OS and Applications
Formulating an Incident Response Plan
Plan Like a Pilot
Plan for Anything that Could Cause Loss or Damage
Build the CSIRT
Plan for Communication
Plan Security
Revision Procedures
Plan Testing
Handling Incident Response
Preparation
Identification
Containment
Eradication
Recovery
Lessons Learned
Incident Handling and Management Tools for Microsoft Windows and Applications
Investigating Microsoft Windows and Applications Incidents
Acquiring and Managing Incident Evidence
Types of Evidence
Chain of Custody
Evidence Collection Rules
Best Practices for Handling Microsoft Windows OS and Applications Incidents and Investigations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 13 ASSESSMENT
CHAPTER 14 Microsoft Windows and the Security Life Cycle
Understanding Traditional System Life Cycle Phases
Agile Software Development
Managing Microsoft Windows OS and Application Software Security
Developing Secure Microsoft Windows OS and Application Software
Implementing, Evaluating, and Testing Microsoft Windows OS and Application Software Security
Maintaining the Security of Microsoft Windows OS and Application Software
Microsoft Windows OS and Application Software Revision, Change Management, and End-of-Life
Phaseout
Software Development Areas of Difficulty
Software Control
Software Configuration Management
Best Practices for Microsoft Windows and Application Software Development Security
Investigations
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 14 ASSESSMENT
CHAPTER 15 Best Practices for Microsoft Windows and Application Security
Basic Rules of Microsoft Windows OS and Application Security
Administrative best practices
Technical best practices
Audit and Remediation Cycles
Security Policy Conformance Checks
Security Baseline Analysis
OS and Application Checks and Upkeep
Network Management Tools and Policies
Software Testing, Staging, and Deployment
Compliance/Currency Tests on Network Entry
Trends in Microsoft Windows OS and Application Security Management
CHAPTER SUMMARY
KEY CONCEPTS AND TERMS
CHAPTER 15 ASSESSMENT
APPENDIX A Answer Key
APPENDIX B Standard Acronyms
Glossary of Key Terms
References
Index
Michael G. Solomon, PhD, CISSP, PMP, CISM, CySA+, Pentest+, is an author, educator, and consultant focusing on privacy, security, blockchain, and identity management. As an IT professional and consultant since 1987, Dr. Solomon has led project teams for many Fortune 500 companies and has authored and contributed to more than 30 books and numerous training courses. Dr. Solomon is a Professor of Computer and Information Sciences at the University of the Cumberlands and holds a Ph.D. in Computer Science and Informatics from Emory University.
What makes us different?
• Instant Download
• Always Competitive Pricing
• 100% Privacy
• FREE Sample Available
• 24-7 LIVE Customer Support