Microsoft Windows Security Essentials

Windows security concepts and technologies for IT beginners IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built. This straightforward guide begins each chapter by laying out a list of topics to be discussed, followed by a concise discussion of the core networking skills you need to have to gain a strong handle on the subject matter. Chapters conclude with review questions and suggested labs so you can measure your level of understanding of the chapter's content. Serves as an ideal resource for gaining a solid understanding of fundamental security concepts and skills Offers a straightforward and direct approach to security basics and covers anti-malware software products, firewalls, network topologies and devices, network ports, and more Reviews all the topics you need to know for taking the MTA 98-367 exam Provides an overview of security components, looks at securing access with permissions, addresses audit policies and network auditing, and examines protecting clients and servers If you're new to IT and interested in entering the IT workforce, then Microsoft Windows Security Essentials is essential reading.

Table of Contents:
Introduction xix Chapter 1 Understanding Core Security Principles 1 Understanding Risk 1 Exploring the Security Triad 4 Protecting Against Loss of Confidentiality 5 Protecting Against Loss of Availability 5 Protecting Against Loss of Integrity 6 Implementing a Defense-in-Depth Security Strategy 7 Enforcing the Principle of Least Privilege 9 Hardening a Server 10 Reducing the Attack Surface 11 Keeping a System Updated 14 Enabling the Firewall 16 Installing Antivirus Software 16 The Essentials and Beyond 16 Chapter 2 Understanding Malware and Social Engineering 19 Comparing Malware 19 Viruses 21 Worms 22 Trojan Horses 23 Buffer-Overflow Attacks 25 Spyware 26 Understanding the Threat 27 Protecting Against Malware 28 Using Antivirus Software 29 Using Microsoft Security Essentials on Desktops 31 Thwarting Social-Engineering Attacks 34 Social Engineering in Person 34 Social Engineering with a Phone Call 34 Recognizing Phishing Attempts 35 Recognizing Pharming 38 Protecting Email 39 The Essentials and Beyond 41 Chapter 3 Understanding User Authentication 43 Comparing the Three Factors of Authentication 44 Using Passwords for Authentication 45 Comparing Password Attack Methods 45 Creating Strong Passwords 47 Enforcing Strong Passwords 49 Exploring Account Lockout Policies 51 Unlocking an Account 53 Resetting a Password 55 Changing a Password 57 Creating a Password-Reset Disk 58 Using Smart Cards and Token Devices for Authentication 59 Using Biometrics for Authentication 60 Starting Applications with Run As Administrator 61 Preventing Time Skew with Kerberos 63 Identifying RADIUS Capabilities 64 Identifying Unsecure Authentication Protocols 65 LM 66 NTLM (NTLMv1) 66 The Essentials and Beyond 67 Chapter 4 Securing Access with Permissions 69 Comparing NTFS Permissions 69 Identifying Basic NTFS Permissions 70 Identifying Advanced NTFS Permissions 71 Combining Permissions 75 Enabling and Disabling Permission Inheritance 76 Moving and Copying Files 79 Comparing NTFS and FAT 81 Exploring Share Permissions 81 Identifying Share Permissions 83 Combining NTFS and Share Permissions 85 Identifying Active Directory Permissions 87 Viewing Active Directory Users and Computers 87 Comparing NTFS and Active Directory Permissions 88 Viewing Active Directory Permissions 88 Assigning Registry Permissions 91 The Essentials and Beyond 93 Chapter 5 Using Audit Policies and Network Auditing 95 Exploring Audit Policies 96 Exploring Object Access Auditing 99 Comparing Account Logon and Logon Events 101 Exploring Directory Service Access Auditing 102 Understanding Account Management Auditing 103 Understanding System Events Auditing 103 Understanding Privilege Use Auditing 104 Understanding Policy Change Auditing 105 Understanding Process Tracking 105 Enabling Auditing 105 Enabling Object Access Auditing 107 Enabling Directory Service Access Auditing 108 Viewing Audit Information 110 Managing Security Logs 111 Saving Audit Information 113 Securing Audit Information 113 Auditing a Network with MBSA 114 Installing MBSA 116 Running MBSA 116 The Essentials and Beyond 117 Chapter 6 Protecting Clients and Servers 121 Understanding User Account Control 122 Understanding the Dimmed Desktop 123 Modifying User Account Control 123 Keeping Systems Updated 125 Updating Systems with Automatic Updates 126 Updating Systems with WSUS or SCCM 128 Using Group Policy to Configure Clients 129 Protecting Clients 130 Understanding Offline Folders 130 Encrypting Offline Folders 132 Using Software-Restriction Policies 133 Protecting Servers 135 Using Separate VLANs 136 Separating Services 136 Using Read-Only Domain Controllers 139 Exploring DNS Security Issues 140 Protecting Against Email Spoofing with SPF Records 141 Understanding Dynamic Updates 141 Using Secure Dynamic Updates 142 The Essentials and Beyond 144 Chapter 7 Protecting a Network 147 Identifying Common Attack Methods 147 Denial of Service 148 Distributed Denial of Service 149 Sniffing Attack 149 Spoofing Attack 151 Port Scan 151 Exploring Firewalls 153 Comparing Hardware-Based and Software-Based Firewalls 154 Comparing UTMs and SCMs 155 Isolating Servers on Perimeter Networks 157 Using Honeypots 159 Isolating a Network with NAT 159 Exploring Network Access Protection 159 Understanding NAP Components 160 Evaluating Client Health with VPN Enforcement 162 Using Other NAP Enforcement Methods 163 Identifying NAP Requirements 163 Identifying Protocol Security Methods 164 IPsec 165 Comparing Tunneling Protocols 166 DNSSEC 167 The Essentials and Beyond 168 Chapter 8 Understanding Wireless Security 171 Comparing Wireless Devices 171 Wireless Adapters 172 Wireless Access Points 173 Wireless Routers 173 Comparing Wireless Security Methods 174 Understanding Encryption Keys 175 Wired Equivalent Privacy 175 Wi-Fi Protected Access 176 Wi-Fi Protected Access Version 2 177 Extended Authentication Protocol 178 Viewing Windows 7 Wireless Settings 179 Configuring Wireless Routers 183 Changing the Default Administrator Password 183 Changing the SSID 183 To Broadcast or Not to Broadcast 185 Using MAC Filters 187 Configuring Windows 7 for Wireless 189 The Essentials and Beyond 190 Chapter 9 Understanding Physical Security 193 Comparing Site Security and Computer Security 194 Understanding the Importance of Physical Security 194 Controlling Physical Access 196 Using Switches Instead of Hubs 199 Using Group Policy to Enhance Computer Security 200 Understanding Default GPOs 200 Designing OUs and GPOs to Manage Users and Computers 201 Creating OUs in a Domain 202 Moving Objects into an OU 203 Creating GPOs to Manage Users and Computers 203 Understanding Security Settings in a GPO 204 Disabling Log On Locally with Group Policy 206 Controlling Removable Storage Access with Group Policy 209 Exploring Mobile Device Security 211 Protecting Mobile Devices Against Malware 212 Minimizing Risks with Bluetooth Devices 212 The Essentials and Beyond 213 Chapter 10 Enforcing Confidentiality with Encryption 215 Comparing Encryption Methods 216 Understanding Symmetric Encryption 216 Exploring AES 218 Understanding Asymmetric Encryption 219 Using Certificates to Share Public Keys 222 Understanding Hashing 223 Securing Email 225 Encrypting Email 226 Digitally Signing Email 228 Understanding EFS 231 Encrypting and Decrypting Files with EFS 232 Understanding the Recovery Agent 233 Understanding Behavior When Files Are Moved or Copied 233 Exploring BitLocker Drive Encryption 235 Understanding BitLocker Requirements 235 Understanding Recovery Keys 236 Using BitLocker To Go 237 The Essentials and Beyond 238 Chapter 11 Understanding Certificates and a PKI 241 Understanding a Certificate 241 Comparing Public and Private Keys 243 Understanding Certificate Errors 245 Viewing Certificate Properties 248 Exploring the Components of a PKI 251 Understanding the Certificate Chain 252 Comparing Certificate Services 254 The Essentials and Beyond 255 Chapter 12 Understanding Internet Explorer Security 257 Exploring Browser Settings 257 Understanding IE Enhanced Security Configuration 259 Selecting Cookies Settings 260 Manipulating the Pop-up Blocker 262 Using InPrivate Filtering and InPrivate Browsing 263 Deleting Browser History 265 Managing Add-ons 266 Exploring Advanced Security Settings 268 Comparing Security Zones 269 Using IE Tools to Identify Malicious Websites 272 Understanding the SmartScreen Filter 272 Modifying Protected Mode 273 The Essentials and Beyond 273 Appendix A Answers to Review Questions 277 Chapter 1 277 Chapter 2 278 Chapter 3 278 Chapter 4 279 Chapter 5 280 Chapter 6 281 Chapter 7 282 Chapter 8 282 Chapter 9 283 Chapter 10 284 Chapter 11 285 Chapter 12 286 Appendix B Microsoft’s Certification Program 287 Certification Objectives Map 288 Index 293

About the Author :
Darril Gibson, MCSE, MCITP, ITIL v3, Security+, CISSP, is the CEO of Security Consulting and Training, LLC. A Microsoft Certified Trainer since August, 1999, he regularly teaches, writes, and consults on a wide variety of security and technical topics. He has authored, coauthored, or contributed to 14 books on a wide range of topics that include Server 2008, Windows 7, SQL Server, CompTIA Security+, and security.