Preface

• Who this book is for
• What this book covers
• To get the most out of this book
• Download the color images
• Conventions used
• Get in touch
• Share Your Thoughts

1. Part 1: Getting Started and Fundamentals

2. Chapter 1: Fundamentals of Windows Security FREE CHAPTER

• Understanding the security transformation
• Living in today’s digital world
• Today’s threats
• Ransomware preparedness
• Identifying vulnerabilities
• Recognizing breaches
• Current security challenges
• Focusing on zero trust
• Summary

3. Chapter 2: Building a Baseline

• Overview of baselining
• Introduction to policies, standards, procedures, and guidelines
• Incorporating change management
• Implementing a security framework
• Building baseline controls
• Incorporating best practices
• Summary

4. Chapter 3: Hardware and Virtualization

• Technical requirements
• Physical servers and virtualization
• Introduction to hardware certification
• The firmware interface, TPM, and Secure Boot
• Isolated protection with VBS
• Protecting data from lost or stolen devices
• Hardware security recommendations and best practices
• Summary

5. Chapter 4: Networking Fundamentals for Hardening Windows

• Technical requirements
• Network security fundamentals
• Understanding Windows network security
• Windows Defender Firewall and Advanced Security
• Web protection features in Microsoft Defender for Endpoint
• Introducing Azure network security
• Summary

6. Chapter 5: Identity and Access Management

• Technical requirements
• Identity and access management overview
• Implementing account and access management
• Understanding authentication, MFA, and going passwordless
• Using Conditional Access and Identity Protection
• Summary

7. Part 2: Applying Security and Hardening

8. Chapter 6: Administration and Policy Management

• Technical requirements
• Understanding device administration
• Managing devices with Configuration Manager
• Managing devices with Intune
• Administering a security baseline
• Summary

9. Chapter 7: Deploying Windows Securely

• Technical requirements
• Device provisioning and upgrading Windows
• Building hardened Windows images
• Provisioning devices with Windows Autopilot
• Deploying images to Azure Virtual Desktop
• Deploying Windows 365 Cloud PC
• Summary

10. Chapter 8: Keeping Your Windows Client Secure

• Technical requirements
• Securing your Windows clients
• Staying updated with Windows Update for Business
• Enforcing policies and configurations
• Enabling BitLocker to prevent data theft
• Going passwordless with Windows Hello for Business
• Configuring a device compliance policy
• Deploying Windows Security Baselines
• Configuring Windows Security features
• Summary

11. Chapter 9: Advanced Hardening for Windows Clients

• Technical requirements
• Securing enterprise web browsers
• Securing Microsoft 365 apps
• Advanced protection features with Microsoft Defender
• Summary

12. Chapter 10: Mitigating Common Attack Vectors

• Technical requirements
• Preventing an Adversary-in-the-Middle attack
• Protecting against lateral movement and privilege escalation
• Windows privacy settings
• Summary

13. Chapter 11: Server Infrastructure Management

• Technical requirements
• Overview of the data center and the cloud (IaaS, PaaS, and SaaS)
• Implementing access management in Windows servers
• Understanding Windows Server management tools
• Using Azure services to manage Windows servers
• Connecting securely to Windows servers remotely
• Summary

14. Chapter 12: Keeping Your Windows Server Secure

• Technical requirements
• Windows Server versions
• Security roles in Windows Server
• Configuring Windows updates
• Configuring Windows Defender
• Hardening Windows Server
• Deploying application control policies using WDAC
• Implementing PowerShell security
• Summary

15. Part 3: Protecting, Detecting, and Responding for Windows Environments

16. Chapter 13: Security Monitoring and Reporting

• Technical requirements
• MDE features
• Onboarding Windows clients into MDE
• Collecting telemetry with Azure Monitor Logs
• Monitoring with Azure Monitor and activity logs
• Overview of Microsoft Defender for Cloud
• Reporting in MEM
• Monitoring the health and update status of Office apps
• Summary

17. Chapter 14: Security Operations

• Technical requirements
• Introducing the SOC
• Understanding XDR
• Using the M365 Defender portal
• Security operations with MDE
• Investigating threats with Defender for Cloud
• Enabling Azure-native SIEM with Microsoft Sentinel
• Protecting apps with MDCA
• Monitoring hybrid environments with MDI
• Data protection with M365
• Planning for business continuity
• Summary

18. Chapter 15: Testing and Auditing

• Technical requirements
• Validating security controls
• Vulnerability scanning overview
• Planning for penetration testing
• An insight into security awareness, training, and testing
• Summary

19. Chapter 16: Top 10 Recommendations and the Future

• The 10 most important to-do's
• The future of device security and management
• Security and the future
• Summary
• Why subscribe?

20. Other Books You May Enjoy

• Packt is searching for authors like you
• Share Your Thoughts