You're reading from Mastering Windows Security and Hardening Secure and protect your Windows environment from intruders, malware attacks, and other cyber threats

Product type Paperback

Published in Jul 2020

Publisher Packt

ISBN-13 9781839216411

Length 572 pages

Edition 1st Edition

Languages

PowerShell

Tools

Windows OS

Concepts

Hardening

Authors (2):

Matt Tumbarello

Mark Dunkerley

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Getting Started

2. Chapter 1: Fundamentals of Windows Security FREE CHAPTER

3. Chapter 2: Building a Baseline

4. Chapter 3: Server Infrastructure Management

5. Chapter 4: End User Device Management

6. Section 2: Applying Security and Hardening

7. Chapter 5: Hardware and Virtualization

8. Chapter 6: Network Fundamentals for Hardening Windows

9. Chapter 7: Identity and Access Management

10. Chapter 8: Administration and Remote Management

11. Chapter 9: Keeping Your Windows Client Secure

12. Chapter 10: Keeping Your Windows Server Secure

13. Section 3: Protecting, Detecting, and Responding for Windows Environments

14. Chapter 11: Security Monitoring and Reporting

15. Chapter 12: Security Operations

16. Chapter 13: Testing and Auditing

17. Chapter 14: Top 10 Recommendations and the Future

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Enforcing policies with MDM

When a device becomes fully Azure AD joined, it opens new opportunities to layer and enforce security policies. Unlike domain-joined or hybrid-joined devices, a fully Azure AD joined device is not part of an on-premises domain, it never connects to a domain controller, and it does not receive Group Policy. Many organizations have years worth of GPOs that they rely on to harden their Windows systems and the question now becomes how to move and enforce these policies with MDM. The answer is to use Configuration Manager, Intune, or a combination of the two with co-management. Unfortunately, there is no clear lift-and-shift path, and part of the challenge is the auditing and evaluation of what currently exists.

In this section, we are going to learn about creating and enforcing policies with MDM. We will walk through how to build, assign, and enforce compliance settings such as configuration items and configuration baselines in Configuration Manager and how...