Microsoft® Windows® Security Resource Kit, Second Edition

Book Description

Fully updated and revised, this official MICROSOFT RESOURCE KIT delivers the in-depth information and tools you need to plan and implement a comprehensive security-management strategy for Windows-based clients, servers, and networks.

Table of Contents

  1. Copyright
  2. Foreword
  3. Acknowledgments
  4. Introduction
  5. Applying Key Principles of Security
    1. Key Principles of Security
      1. Understanding Risk Management
      2. Understanding Security
    2. Understanding Your Enemy
      1. Knowing Yourself
      2. Possessing Detailed Documentation on Your Network
      3. Understanding the Level of Organizational Support You Receive
      4. Identifying Your Attacker
      5. What Motivates Attackers
      6. Why Defending Networks Is Difficult
  6. Securing Active Directory
    1. Configuring Security for User Accounts and Passwords
      1. Securing Accounts
      2. Granting Rights and Permissions Using Groups
      3. Best Practices
      4. Additional Information
    2. Configuring Authentication for Microsoft Windows
      1. Storing and Transmitting Credentials
      2. Storing Secrets in Windows
      3. Best Practices
      4. Additional Information
    3. Configuring Security on Active Directory Objects and Attributes
      1. Understanding the Active Directory Schema
      2. Configuring DACLs to Secure Active Directory Objects
      3. Securing Active Directory Objects and Attributes
      4. Best Practices
      5. Additional Information
    4. Implementing Group Policy for Security
      1. Understanding Group Policy
      2. Processing Group Policy Objects
      3. Altering Group Policy Application
      4. Managing Group Policy
      5. Best Practices
      6. Additional Information
    5. Designing Domains and Forests for Security
      1. Autonomy and Isolation in Active Directory
      2. Designing Forests for Active Directory Security
      3. Designing Domains for Active Directory Security
      4. Designing DNS for Active Directory Security
      5. Designing the Delegation of Authority
      6. Best Practices
      7. Additional Information
  7. Securing the Core Operating System
    1. Controlling Access to Data
      1. Securing File and Folder Permissions
      2. Using the Encrypting File System
      3. Securing Registry Permissions
      4. Best Practices
      5. Additional Information
    2. Managing Security for System Services
      1. Managing Service Permissions
      2. Default Services in Windows Server 2003, Windows 2000, and Windows XP
      3. Best Practices
      4. Additional Information
    3. Implementing TCP/IP Security
      1. Securing TCP/IP
      2. Using IPSec
      3. Best Practices
      4. Additional Information
    4. Creating and Configuring Security Templates
      1. Using Security Template Settings
      2. How Security Templates Work
      3. Default Security Templates
      4. Creating Custom Security Templates
      5. Best Practices
      6. Additional Information
    5. Managing Microsoft Internet Explorer Security and Privacy
      1. Security Settings in Internet Explorer
      2. Best Practices
      3. Additional Information
    6. Managing Microsoft Office XP Security and Privacy
      1. Configuring ActiveX and Macros Security
      2. Protecting Documents in Office XP
      3. Configuring Security for Outlook 2002
      4. Best Practices
      5. Additional Information
    7. Managing Microsoft Office System 2003 Security and Privacy
      1. Configuring ActiveX and Macros Security
      2. Protecting Documents in Office System 2003
      3. Configuring Security for Outlook 2003
      4. Best Practices
      5. Additional Information
    8. Auditing Microsoft Windows Security Events
      1. Determining Which Events to Audit
      2. Managing the Event Viewer
      3. Configuring Audit Policies
      4. Monitoring Audited Events
      5. Best Practices
      6. Additional Information
    9. Implementing Security for Mobile Computers
      1. Understanding Mobile Computers
      2. Implementing Additional Security for Laptop Computers
      3. Securing Wireless Networking in Windows XP
      4. Best Practices
      5. Additional Information
  8. Securing Common Services
    1. Implementing Security for Domain Controllers
      1. Threats to Domain Controllers
      2. Implementing Security on Domain Controllers
      3. Best Practices
      4. Additional Information
    2. Implementing Security for DNS Servers
      1. Threats to DNS Servers
      2. Securing DNS Servers
      3. Best Practices
      4. Additional Information
    3. Implementing Security for Terminal Services
      1. Threats to Terminal Services
      2. Securing Terminal Services
      3. Best Practices
      4. Additional Information
    4. Implementing Security for DHCP Servers
      1. Threats to DHCP Servers
      2. Securing DHCP Servers
      3. Best Practices
      4. Additional Information
    5. Implementing Security for WINS Servers
      1. Threats to WINS Servers
      2. Securing WINS Servers
      3. Best Practices
      4. Additional Information
    6. Implementing Security for Routing and Remote Access
      1. Remote Access Solution Components
      2. Threats to Remote Access Solutions
      3. Securing Remote Access Servers
      4. Securing Remote Access Clients
      5. Best Practices
      6. Additional Information
    7. Implementing Security for Certificate Services
      1. Threats to Certificate Services
      2. Securing Certificate Services
      3. Best Practices
      4. Additional Information
    8. Implementing Security for Microsoft IIS
      1. Implementing Windows Security
      2. Configuring IIS Security Settings Common to Windows 2000 and Windows Server 2003
      3. Implementing Additional Security Measures for IIS 5.0
      4. Configuring Additional Security Measures for IIS 6.0
      5. Configuring the FTP Service
      6. Best Practices
      7. Additional Information
    9. Designing an 802.1x Authentication Infrastructure
      1. How 802.1x Authentication Works
      2. Threats Faced in Networked Environments
      3. 802.1x Authentication Types
      4. Protecting Communications
      5. Planning Certificates for 802.1x Authentication
      6. Deploying Certificates to Users and Computers
      7. Implementing 802.1x Authentication
      8. Best Practices
      9. Additional Information
  9. Managing Security Updates
    1. Patch Management
      1. Types of Patches
      2. Development of a Security Update
      3. Patch Management in Six Steps
      4. Best Practices
      5. Additional Information
    2. Using Patch Management Tools
      1. The Security Patch Bulletin Catalog
      2. Windows Update
      3. Automatic Updates
      4. Microsoft Software Update Services
      5. Office Update
      6. Windows Update Services
      7. Microsoft Baseline Security Analyzer
      8. SMS 2.0 Software Update Services Feature Pack
      9. Microsoft Systems Management Server 2003
      10. Best Practices
      11. Additional Information
  10. Planning and Performing Security Assessments and Incident Responses
    1. Assessing the Security of a Network
      1. Types of Security Assessments
      2. How to Conduct Security Assessments
      3. Conducting Penetration Tests
      4. Best Practices
      5. Additional Information
    2. Using Security Assessment Tools
      1. Defining Baseline Security
      2. Assessing Security Configuration
      3. Performing Security Assessments
      4. Best Practices
      5. Additional Information
    3. Planning for Incident Response
      1. Creating an Incident Response Team
      2. Defining Incident Response Policy
      3. Creating a Communications Plan
      4. Best Practices
      5. Additional Information
    4. Responding to Security Incidents
      1. Common Indicators of Security Incidents
      2. Analyzing a Security Incident
      3. Conducting Security Investigations
      4. Implementing Countermeasures to a Security Incident
      5. Recovering Services After a Security Incident
      6. Conducting a Security Incident Postmortem
      7. Best Practices
      8. Additional Information
  11. About the Authors
  12. Index