You're reading from Mastering Windows Security and Hardening Secure and protect your Windows environment from intruders, malware attacks, and other cyber threats

Product type Paperback

Published in Jul 2020

Publisher Packt

ISBN-13 9781839216411

Length 572 pages

Edition 1st Edition

Languages

PowerShell

Tools

Windows OS

Concepts

Hardening

Authors (2):

Matt Tumbarello

Mark Dunkerley

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Getting Started

2. Chapter 1: Fundamentals of Windows Security FREE CHAPTER

3. Chapter 2: Building a Baseline

4. Chapter 3: Server Infrastructure Management

5. Chapter 4: End User Device Management

6. Section 2: Applying Security and Hardening

7. Chapter 5: Hardware and Virtualization

8. Chapter 6: Network Fundamentals for Hardening Windows

9. Chapter 7: Identity and Access Management

10. Chapter 8: Administration and Remote Management

11. Chapter 9: Keeping Your Windows Client Secure

12. Chapter 10: Keeping Your Windows Server Secure

13. Section 3: Protecting, Detecting, and Responding for Windows Environments

14. Chapter 11: Security Monitoring and Reporting

15. Chapter 12: Security Operations

16. Chapter 13: Testing and Auditing

17. Chapter 14: Top 10 Recommendations and the Future

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Summary

In this chapter, we covered monitoring with MDATP. We learned how to investigate an alert and reviewed the threat analytics, Threat & Vulnerability Management, and machine health and compliance dashboards. We covered how to onboard Windows 10 endpoints and create a machine risk compliance policy in Intune from the MDATP Intune connector. Next, we learned how to use Azure Log Analytics. We covered installing gallery solutions, such as ServiceMap and Wire Data 2.0, which help to quantify the data being captured with charts and visuals. We also provided an overview of Azure Monitor, including using Azure activity logs to audit operations taken on your resources.

In the next section, we discussed ASC and provided the steps to enable advanced features and to onboard machines. Finally, we discussed the importance of capturing performance baselines in addition to building security baselines. Now that we have learned how to configure telemetry to capture performance and security...