You're reading from Mastering Windows Security and Hardening Secure and protect your Windows environment from intruders, malware attacks, and other cyber threats

Product type Paperback

Published in Jul 2020

Publisher Packt

ISBN-13 9781839216411

Length 572 pages

Edition 1st Edition

Languages

PowerShell

Tools

Windows OS

Concepts

Hardening

Authors (2):

Matt Tumbarello

Mark Dunkerley

Preface

1. Section 1: Getting Started

2. Chapter 1: Fundamentals of Windows Security FREE CHAPTER

3. Chapter 2: Building a Baseline

4. Chapter 3: Server Infrastructure Management

5. Chapter 4: End User Device Management

6. Section 2: Applying Security and Hardening

7. Chapter 5: Hardware and Virtualization

8. Chapter 6: Network Fundamentals for Hardening Windows

9. Chapter 7: Identity and Access Management

10. Chapter 8: Administration and Remote Management

11. Chapter 9: Keeping Your Windows Client Secure

12. Chapter 10: Keeping Your Windows Server Secure

13. Section 3: Protecting, Detecting, and Responding for Windows Environments

14. Chapter 11: Security Monitoring and Reporting

15. Chapter 12: Security Operations

16. Chapter 13: Testing and Auditing

17. Chapter 14: Top 10 Recommendations and the Future

18. Other Books You May Enjoy

Hardware security recommendations and best practices

When looking at the security of hardware, it's important to keep these considerations in mind:

Only purchase hardware that has been through a proper hardware certification program. The Windows Hardware Compatibility Program Certification process is a great resource to help ensure the hardware is reliable and compatible for Windows.
Have a good secure system for upgrading Firmware/BIOS and ensure the proper protections are enabled to ensure only approved sources can update them.
Purchase physical hardware with a minimum of TPM 2.0 in order to leverage the advanced cryptographic functionality it offers. Most new hardware-based security features require it.
Turn on Virtualization-Based Security as soon as possible and enable Credential Guard, Device Guard, and Application Guard to put the power of your hardware into action.