You're reading from Mastering Windows Security and Hardening Secure and protect your Windows environment from intruders, malware attacks, and other cyber threats

Product type Paperback

Published in Jul 2020

Publisher Packt

ISBN-13 9781839216411

Length 572 pages

Edition 1st Edition

Languages

PowerShell

Tools

Windows OS

Concepts

Hardening

Authors (2):

Matt Tumbarello

Mark Dunkerley

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Getting Started

2. Chapter 1: Fundamentals of Windows Security FREE CHAPTER

3. Chapter 2: Building a Baseline

4. Chapter 3: Server Infrastructure Management

5. Chapter 4: End User Device Management

6. Section 2: Applying Security and Hardening

7. Chapter 5: Hardware and Virtualization

8. Chapter 6: Network Fundamentals for Hardening Windows

9. Chapter 7: Identity and Access Management

10. Chapter 8: Administration and Remote Management

11. Chapter 9: Keeping Your Windows Client Secure

12. Chapter 10: Keeping Your Windows Server Secure

13. Section 3: Protecting, Detecting, and Responding for Windows Environments

14. Chapter 11: Security Monitoring and Reporting

15. Chapter 12: Security Operations

16. Chapter 13: Testing and Auditing

17. Chapter 14: Top 10 Recommendations and the Future

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Security awareness and training

One specific area of importance in the process is to ensure that you don't forget to test your users and provide them with training and an awareness of vulnerabilities. The human factor is one of the weakest links when it comes to security, and providing awareness is critical and something that is quite often overlooked.

There are three important components to consider for a robust employee security program. The first is testing, most commonly completed through phishing campaigns or an attack simulator. Secondly, we need to ensure that we provide a robust training program and keep a record of employees who have taken and passed the training. This shouldn't be a one-time event, but rather an ongoing event. Lastly, you need to provide awareness to your users as needed. Sending a weekly security communication with tips, tricks, and recommendations, or providing somewhere for users to learn more, such as on an internal portal, will help strengthen...