You're reading from Mastering Windows Security and Hardening Secure and protect your Windows environment from intruders, malware attacks, and other cyber threats

Product type Paperback

Published in Jul 2020

Publisher Packt

ISBN-13 9781839216411

Length 572 pages

Edition 1st Edition

Languages

PowerShell

Tools

Windows OS

Concepts

Hardening

Authors (2):

Matt Tumbarello

Mark Dunkerley

View More author details

Table of Contents (19) Chapters

Preface

1. Section 1: Getting Started

2. Chapter 1: Fundamentals of Windows Security FREE CHAPTER

3. Chapter 2: Building a Baseline

4. Chapter 3: Server Infrastructure Management

5. Chapter 4: End User Device Management

6. Section 2: Applying Security and Hardening

7. Chapter 5: Hardware and Virtualization

8. Chapter 6: Network Fundamentals for Hardening Windows

9. Chapter 7: Identity and Access Management

10. Chapter 8: Administration and Remote Management

11. Chapter 9: Keeping Your Windows Client Secure

12. Chapter 10: Keeping Your Windows Server Secure

13. Section 3: Protecting, Detecting, and Responding for Windows Environments

14. Chapter 11: Security Monitoring and Reporting

15. Chapter 12: Security Operations

16. Chapter 13: Testing and Auditing

17. Chapter 14: Top 10 Recommendations and the Future

18. Other Books You May Enjoy

Leave a review - let other readers know what you think

Summary

In this chapter, we covered security operations and reviewed the tools and technologies available from Microsoft that offer enterprise-class protection. We began the chapter with an introduction to the SOC and the importance of its place in an enterprise. We then introduced the M365 security portal and provided an overview of the feature. Next, we reviewed Microsoft's version of a CASB, known as MCAS. Then, we learned how to activate an instance of Azure ATP and review alerts throughout the cyber kill chain.

Other tools and features reviewed in this chapter included Azure Security Center to review and investigate alerts, Microsoft's SIEM, known as Azure Sentinel, and Microsoft Defender Security Center for alert and incident management. We finished off the chapter with an overview of BCP and DR.

In the next chapter, Chapter 13, Testing and Auditing, we will review validating controls to ensure the security measures that have been agreed on are actually in place...