Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built.
This straightforward guide begins each chapter by laying out a list of topics to be discussed, followed by a concise discussion of the core networking skills you need to have to gain a strong handle on the subject matter. Chapters conclude with review questions and suggested labs so you can measure your level of understanding of the chapter's content.
- Serves as an ideal resource for gaining a solid understanding of fundamental security concepts and skills
- Offers a straightforward and direct approach to security basics and covers anti-malware software products, firewalls, network topologies and devices, network ports, and more
- Reviews all the topics you need to know for taking the MTA 98-367 exam
- Provides an overview of security components, looks at securing access with permissions, addresses audit policies and network auditing, and examines protecting clients and servers
If you're new to IT and interested in entering the IT workforce, then Microsoft Windows Security Essentials is essential reading.
Table of Contents:
Introduction xix
Chapter 1 Understanding Core Security Principles 1
Understanding Risk 1
Exploring the Security Triad 4
Protecting Against Loss of Confidentiality 5
Protecting Against Loss of Availability 5
Protecting Against Loss of Integrity 6
Implementing a Defense-in-Depth Security Strategy 7
Enforcing the Principle of Least Privilege 9
Hardening a Server 10
Reducing the Attack Surface 11
Keeping a System Updated 14
Enabling the Firewall 16
Installing Antivirus Software 16
The Essentials and Beyond 16
Chapter 2 Understanding Malware and Social Engineering 19
Comparing Malware 19
Viruses 21
Worms 22
Trojan Horses 23
Buffer-Overflow Attacks 25
Spyware 26
Understanding the Threat 27
Protecting Against Malware 28
Using Antivirus Software 29
Using Microsoft Security Essentials on Desktops 31
Thwarting Social-Engineering Attacks 34
Social Engineering in Person 34
Social Engineering with a Phone Call 34
Recognizing Phishing Attempts 35
Recognizing Pharming 38
Protecting Email 39
The Essentials and Beyond 41
Chapter 3 Understanding User Authentication 43
Comparing the Three Factors of Authentication 44
Using Passwords for Authentication 45
Comparing Password Attack Methods 45
Creating Strong Passwords 47
Enforcing Strong Passwords 49
Exploring Account Lockout Policies 51
Unlocking an Account 53
Resetting a Password 55
Changing a Password 57
Creating a Password-Reset Disk 58
Using Smart Cards and Token Devices for Authentication 59
Using Biometrics for Authentication 60
Starting Applications with Run As Administrator 61
Preventing Time Skew with Kerberos 63
Identifying RADIUS Capabilities 64
Identifying Unsecure Authentication Protocols 65
LM 66
NTLM (NTLMv1) 66
The Essentials and Beyond 67
Chapter 4 Securing Access with Permissions 69
Comparing NTFS Permissions 69
Identifying Basic NTFS Permissions 70
Identifying Advanced NTFS Permissions 71
Combining Permissions 75
Enabling and Disabling Permission Inheritance 76
Moving and Copying Files 79
Comparing NTFS and FAT 81
Exploring Share Permissions 81
Identifying Share Permissions 83
Combining NTFS and Share Permissions 85
Identifying Active Directory Permissions 87
Viewing Active Directory Users and Computers 87
Comparing NTFS and Active Directory Permissions 88
Viewing Active Directory Permissions 88
Assigning Registry Permissions 91
The Essentials and Beyond 93
Chapter 5 Using Audit Policies and Network Auditing 95
Exploring Audit Policies 96
Exploring Object Access Auditing 99
Comparing Account Logon and Logon Events 101
Exploring Directory Service Access Auditing 102
Understanding Account Management Auditing 103
Understanding System Events Auditing 103
Understanding Privilege Use Auditing 104
Understanding Policy Change Auditing 105
Understanding Process Tracking 105
Enabling Auditing 105
Enabling Object Access Auditing 107
Enabling Directory Service Access Auditing 108
Viewing Audit Information 110
Managing Security Logs 111
Saving Audit Information 113
Securing Audit Information 113
Auditing a Network with MBSA 114
Installing MBSA 116
Running MBSA 116
The Essentials and Beyond 117
Chapter 6 Protecting Clients and Servers 121
Understanding User Account Control 122
Understanding the Dimmed Desktop 123
Modifying User Account Control 123
Keeping Systems Updated 125
Updating Systems with Automatic Updates 126
Updating Systems with WSUS or SCCM 128
Using Group Policy to Configure Clients 129
Protecting Clients 130
Understanding Offline Folders 130
Encrypting Offline Folders 132
Using Software-Restriction Policies 133
Protecting Servers 135
Using Separate VLANs 136
Separating Services 136
Using Read-Only Domain Controllers 139
Exploring DNS Security Issues 140
Protecting Against Email Spoofing with SPF Records 141
Understanding Dynamic Updates 141
Using Secure Dynamic Updates 142
The Essentials and Beyond 144
Chapter 7 Protecting a Network 147
Identifying Common Attack Methods 147
Denial of Service 148
Distributed Denial of Service 149
Sniffing Attack 149
Spoofing Attack 151
Port Scan 151
Exploring Firewalls 153
Comparing Hardware-Based and Software-Based Firewalls 154
Comparing UTMs and SCMs 155
Isolating Servers on Perimeter Networks 157
Using Honeypots 159
Isolating a Network with NAT 159
Exploring Network Access Protection 159
Understanding NAP Components 160
Evaluating Client Health with VPN Enforcement 162
Using Other NAP Enforcement Methods 163
Identifying NAP Requirements 163
Identifying Protocol Security Methods 164
IPsec 165
Comparing Tunneling Protocols 166
DNSSEC 167
The Essentials and Beyond 168
Chapter 8 Understanding Wireless Security 171
Comparing Wireless Devices 171
Wireless Adapters 172
Wireless Access Points 173
Wireless Routers 173
Comparing Wireless Security Methods 174
Understanding Encryption Keys 175
Wired Equivalent Privacy 175
Wi-Fi Protected Access 176
Wi-Fi Protected Access Version 2 177
Extended Authentication Protocol 178
Viewing Windows 7 Wireless Settings 179
Configuring Wireless Routers 183
Changing the Default Administrator Password 183
Changing the SSID 183
To Broadcast or Not to Broadcast 185
Using MAC Filters 187
Configuring Windows 7 for Wireless 189
The Essentials and Beyond 190
Chapter 9 Understanding Physical Security 193
Comparing Site Security and Computer Security 194
Understanding the Importance of Physical Security 194
Controlling Physical Access 196
Using Switches Instead of Hubs 199
Using Group Policy to Enhance Computer Security 200
Understanding Default GPOs 200
Designing OUs and GPOs to Manage Users and Computers 201
Creating OUs in a Domain 202
Moving Objects into an OU 203
Creating GPOs to Manage Users and Computers 203
Understanding Security Settings in a GPO 204
Disabling Log On Locally with Group Policy 206
Controlling Removable Storage Access with Group Policy 209
Exploring Mobile Device Security 211
Protecting Mobile Devices Against Malware 212
Minimizing Risks with Bluetooth Devices 212
The Essentials and Beyond 213
Chapter 10 Enforcing Confidentiality with Encryption 215
Comparing Encryption Methods 216
Understanding Symmetric Encryption 216
Exploring AES 218
Understanding Asymmetric Encryption 219
Using Certificates to Share Public Keys 222
Understanding Hashing 223
Securing Email 225
Encrypting Email 226
Digitally Signing Email 228
Understanding EFS 231
Encrypting and Decrypting Files with EFS 232
Understanding the Recovery Agent 233
Understanding Behavior When Files Are Moved or Copied 233
Exploring BitLocker Drive Encryption 235
Understanding BitLocker Requirements 235
Understanding Recovery Keys 236
Using BitLocker To Go 237
The Essentials and Beyond 238
Chapter 11 Understanding Certificates and a PKI 241
Understanding a Certificate 241
Comparing Public and Private Keys 243
Understanding Certificate Errors 245
Viewing Certificate Properties 248
Exploring the Components of a PKI 251
Understanding the Certificate Chain 252
Comparing Certificate Services 254
The Essentials and Beyond 255
Chapter 12 Understanding Internet Explorer Security 257
Exploring Browser Settings 257
Understanding IE Enhanced Security Configuration 259
Selecting Cookies Settings 260
Manipulating the Pop-up Blocker 262
Using InPrivate Filtering and InPrivate Browsing 263
Deleting Browser History 265
Managing Add-ons 266
Exploring Advanced Security Settings 268
Comparing Security Zones 269
Using IE Tools to Identify Malicious Websites 272
Understanding the SmartScreen Filter 272
Modifying Protected Mode 273
The Essentials and Beyond 273
Appendix A Answers to Review Questions 277
Chapter 1 277
Chapter 2 278
Chapter 3 278
Chapter 4 279
Chapter 5 280
Chapter 6 281
Chapter 7 282
Chapter 8 282
Chapter 9 283
Chapter 10 284
Chapter 11 285
Chapter 12 286
Appendix B Microsoft’s Certification Program 287
Certification Objectives Map 288
Index 293
About the Author :
Darril Gibson, MCSE, MCITP, ITIL v3, Security+, CISSP, is the CEO of Security Consulting and Training, LLC. A Microsoft Certified Trainer since August, 1999, he regularly teaches, writes, and consults on a wide variety of security and technical topics. He has authored, coauthored, or contributed to 14 books on a wide range of topics that include Server 2008, Windows 7, SQL Server, CompTIA Security+, and security.
