Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Mastering Windows Security and Hardening

You're reading from   Mastering Windows Security and Hardening Secure and protect your Windows environment from cyber threats using zero-trust security principles

Arrow left icon
Product type Paperback
Published in Aug 2022
Publisher Packt
ISBN-13 9781803236544
Length 816 pages
Edition 2nd Edition
Arrow right icon
Authors (2):
Arrow left icon
Matt Tumbarello Matt Tumbarello
Author Profile Icon Matt Tumbarello
Matt Tumbarello
Mark Dunkerley Mark Dunkerley
Author Profile Icon Mark Dunkerley
Mark Dunkerley
Arrow right icon
View More author details
Toc

Table of Contents (21) Chapters Close

Preface 1. Part 1: Getting Started and Fundamentals
2. Chapter 1: Fundamentals of Windows Security FREE CHAPTER 3. Chapter 2: Building a Baseline 4. Chapter 3: Hardware and Virtualization 5. Chapter 4: Networking Fundamentals for Hardening Windows 6. Chapter 5: Identity and Access Management 7. Part 2: Applying Security and Hardening
8. Chapter 6: Administration and Policy Management 9. Chapter 7: Deploying Windows Securely 10. Chapter 8: Keeping Your Windows Client Secure 11. Chapter 9: Advanced Hardening for Windows Clients 12. Chapter 10: Mitigating Common Attack Vectors 13. Chapter 11: Server Infrastructure Management 14. Chapter 12: Keeping Your Windows Server Secure 15. Part 3: Protecting, Detecting, and Responding for Windows Environments
16. Chapter 13: Security Monitoring and Reporting 17. Chapter 14: Security Operations 18. Chapter 15: Testing and Auditing 19. Chapter 16: Top 10 Recommendations and the Future 20. Other Books You May Enjoy

Chapter 1: Fundamentals of Windows Security

In recent times, cybersecurity has become a hot topic throughout the world, and even more so with leadership teams and board members of major organizations asking the question: Are we secure? The short answer is no: no one is secure in today’s digital world, and the time has never been more critical to ensure that you are doing everything within your power to protect your organization and its users.

As we continue to receive daily news of breaches throughout the world, it is clear how severe the issue of cybercrime has become. To put it bluntly, we simply need to do a better job of protecting the data that we collect and manage within our organizations today. This isn’t an easy task, especially with the advancement of organized cyber and state-sponsored groups with budgets most likely far exceeding that of most organizations. As security professionals, we need to do our due diligence and ensure we identify all risks within the organization. Once identified, they will need to be addressed or accepted as a risk by leadership.

As a consumer, it is most likely that your data has already been breached, and there’s a chance your account information and passwords are sitting on the dark web somewhere. We need to work with the assumption that our personal data has already been breached and build better barriers around our data and account information. For example, in the US, purchasing identity protection as a service to monitor your identity can serve as an insurance policy if you incur any damages. In addition to this, the ability to place your credit reports on hold to prevent bad actors from opening accounts under your name is another example of a defensive approach that you can take to protect your personal identity.

Important Note

There are many identity protection plans available today; a couple of notable ones include Norton LifeLock (https://www.lifelock.com/) and Aura Identity Guard (https://www.identityguard.com/). For those in the US, you can lock your credit for free online at each of the Credit Bureau’s websites: Experian, Equifax, and TransUnion.

As the cybersecurity workforce continues to evolve and strengthen with more and more talented individuals, we want to help contribute to the importance of securing our data, and we hope this book will provide you with the necessary knowledge to do the right thing for your organization. As you read this book, you will not only learn the technical aspects of securing Windows, but you will also learn what else is necessary to ensure the protection of Windows and those who use it. Protecting Windows has become a lot more than making a few simple configuration changes and installing an antivirus (AV) tool. There is an entire ecosystem of controls, tools, and technologies to help protect your Windows systems and users. This means adopting a layered approach to protecting your devices, taking into consideration the network, applications, infrastructure, hardware, identity, monitoring, auditing, and much more.

As you read through this chapter, you will learn about the broader fundamentals of security and the principles behind the foundation that is needed to protect your Windows environment. Specifically, you will learn about the following topics:

  • Understanding the security transformation
  • Living in today’s digital world
  • Today’s threats
  • Ransomware preparedness
  • Identifying vulnerabilities
  • Recognizing breaches
  • Current security challenges
  • Focusing on zero trust
You have been reading a chapter from
Mastering Windows Security and Hardening - Second Edition
Published in: Aug 2022
Publisher: Packt
ISBN-13: 9781803236544
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at €18.99/month. Cancel anytime