Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Free Learning

You're reading from Windows 10 for Enterprise Administrators Modern Administrators' guide based on Redstone 3 version

Product type Paperback

Published in Sep 2017

Publisher Packt

ISBN-13 9781786462824

Length 314 pages

Edition 1st Edition

Tools

Azure

Concepts

System Administration

Authors (4):

Manuel Singer

Jeff Stokes

Richard Diver

Zane Williams

View More author details

Table of Contents (11) Chapters

Preface

1. Installation and Upgrading

2. Configuration and Customization FREE CHAPTER

3. User Account Administration

4. Remote Administration Tools

5. Device Management

6. Protecting Enterprise Data in BYOD Scenarios

7. Windows 10 Security

8. Windows Defender Advanced Threat Protection

9. Advanced Configurations

10. RedStone 3 Changes

Credential Guard

As already described in the Windows Hello section, the PtH vulnerability has become a very common threat. Hacker tools such as Mimikatz can dump the system memory and debug your LSASS.exe, containing all the currently active credentials, including hashes. When PtH was weaponized, Windows 7 was already mainstream, and the design of Windows 8.0 was also completed. They could not react/redesign their kernel to prevent this memory dump. Every service was able to dump your Local Security Authority Subsystem (LSASS). With Windows 8.1, a new protected process level (PPL) was introduced. When RunAsPPL was activated, the LSASS process would run with a higher protection level (system level) and therefore no longer be accessible by illegal/corrupt services. But Mimikatz evolved and found a weak spot with device drivers. Even when running in the PPL, LSASS could be accessed...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (4)

Zane Williams

See other products by Zane Williams

Richard Diver

Richard Diver is a senior technical business strategy manager for the Microsoft Security Solutions group, focused on developing security partners. Based in Chicago, Richard works with advanced security and compliance partners to help them build solutions across the entire Microsoft platform, including Microsoft Sentinel, Microsoft Defender, Microsoft 365 security solutions, and many more. Prior to Microsoft, Richard worked in multiple industries and for several Microsoft partners to architect and implement cloud security solutions for a wide variety of customers around the world. Any spare time he gets is usually spent with his family.

See other products by Richard Diver

Jeff Stokes

Jeff Stokes is a Windows / Microsoft Engineer currently employed at Microsoft. He specializes in Operating System Health, Reliability, and Performance. He is skilled in Windows Deployment with MDT (Microsoft Deployment Toolkit) and has exceptional skills in VDI (Virtual Desktop) and performance analysis. He is an active writer and blogger and loves technology.

See other products by Jeff Stokes

Manuel Singer

Manuel Singer works as a Senior Premier Field Engineer for Windows Client at Microsoft and is based in Germany. He has more than 10 years of experience in system management and deployment using Microsoft technologies. He specializes in client enterprise design, deployment, performance, reliability, and Microsoft devices. Manuel works with local and international top customers from the private and public sector to provide professional technical and technological support.

See other products by Manuel Singer