You are previewing Microsoft® Windows® Security: Essentials.
O'Reilly logo
Microsoft® Windows® Security: Essentials

Book Description

Windows security concepts and technologies for IT beginners

IT security can be a complex topic, especially for those new to the field of IT. This full-color book, with a focus on the Microsoft Technology Associate (MTA) program, offers a clear and easy-to-understand approach to Windows security risks and attacks for newcomers to the world of IT. By paring down to just the essentials, beginners gain a solid foundation of security concepts upon which more advanced topics and technologies can be built.

This straightforward guide begins each chapter by laying out a list of topics to be discussed, followed by a concise discussion of the core networking skills you need to have to gain a strong handle on the subject matter. Chapters conclude with review questions and suggested labs so you can measure your level of understanding of the chapter's content.

  • Serves as an ideal resource for gaining a solid understanding of fundamental security concepts and skills
  • Offers a straightforward and direct approach to security basics and covers anti-malware software products, firewalls, network topologies and devices, network ports, and more
  • Reviews all the topics you need to know for taking the MTA 98-367 exam
  • Provides an overview of security components, looks at securing access with permissions, addresses audit policies and network auditing, and examines protecting clients and servers

If you're new to IT and interested in entering the IT workforce, then Microsoft Windows Security Essentials is essential reading.

Table of Contents

  1. Cover
  2. Title Page
  3. Credits
  4. Copyright
  5. Publisher's Note
  6. Dedication
  7. Acknowledgments
  8. About the Author
  9. Introduction
    1. Who Should Read This Book
    2. What Is Covered in This Book
  10. Chapter 1: Understanding Core Security Principles
    1. Understanding Risk
    2. Exploring the Security Triad
    3. Implementing a Defense-in-Depth Security Strategy
    4. Enforcing the Principle of Least Privilege
    5. Hardening a Server
    6. The Essentials and Beyond
  11. Chapter 2: Understanding Malware and Social Engineering
    1. Comparing Malware
    2. Protecting Against Malware
    3. Thwarting Social-Engineering Attacks
    4. Protecting Email
    5. The Essentials and Beyond
  12. Chapter 3: Understanding User Authentication
    1. Comparing the Three Factors of Authentication
    2. Using Passwords for Authentication
    3. Using Smart Cards and Token Devices for Authentication
    4. Using Biometrics for Authentication
    5. Starting Applications with Run As Administrator
    6. Preventing Time Skew with Kerberos
    7. Identifying RADIUS Capabilities
    8. Identifying Unsecure Authentication Protocols
    9. The Essentials and Beyond
  13. Chapter 4: Securing Access with Permissions
    1. Comparing NTFS Permissions
    2. Exploring Share Permissions
    3. Identifying Active Directory Permissions
    4. Assigning Registry Permissions
    5. The Essentials and Beyond
  14. Chapter 5: Using Audit Policies and Network Auditing
    1. Exploring Audit Policies
    2. Enabling Auditing
    3. Viewing Audit Information
    4. Managing Security Logs
    5. Auditing a Network with MBSA
    6. The Essentials and Beyond
  15. Chapter 6: Protecting Clients and Servers
    1. Understanding User Account Control
    2. Keeping Systems Updated
    3. Protecting Clients
    4. Protecting Servers
    5. Exploring DNS Security Issues
    6. The Essentials and Beyond
  16. Chapter 7: Protecting a Network
    1. Identifying Common Attack Methods
    2. Exploring Firewalls
    3. Exploring Network Access Protection
    4. Identifying Protocol Security Methods
    5. The Essentials and Beyond
  17. Chapter 8: Understanding Wireless Security
    1. Comparing Wireless Devices
    2. Comparing Wireless Security Methods
    3. Configuring Wireless Routers
    4. Configuring Windows 7 for Wireless
    5. The Essentials and Beyond
  18. Chapter 9: Understanding Physical Security
    1. Comparing Site Security and Computer Security
    2. Using Group Policy to Enhance Computer Security
    3. Exploring Mobile Device Security
    4. The Essentials and Beyond
  19. Chapter 10: Enforcing Confidentiality with Encryption
    1. Comparing Encryption Methods
    2. Securing Email
    3. Understanding EFS
    4. Exploring BitLocker Drive Encryption
    5. The Essentials and Beyond
  20. Chapter 11: Understanding Certificates and a PKI
    1. Understanding a Certificate
    2. Exploring the Components of a PKI
    3. The Essentials and Beyond
  21. Chapter 12: Understanding Internet Explorer Security
    1. Exploring Browser Settings
    2. Comparing Security Zones
    3. Using IE Tools to Identify Malicious Websites
    4. The Essentials and Beyond
  22. Appendix A: Answers to Review Questions
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
    8. Chapter 8
    9. Chapter 9
    10. Chapter 10
    11. Chapter 11
    12. Chapter 12
  23. Appendix B: Microsoft’s Certification Program
    1. Certification Objectives Map
  24. Index
  25. Appendix C: Answers to Additional Exercises
    1. Chapter 1
    2. Chapter 2
    3. Chapter 3
    4. Chapter 4
    5. Chapter 5
    6. Chapter 6
    7. Chapter 7
    8. Chapter 8
    9. Chapter 9
    10. Chapter 10
    11. Chapter 11
    12. Chapter 12
  26. Appendix D: Optional Lab to Create a Virtual Environment
    1. Identifying the Requirements
    2. Configuring Windows 7 with Virtualization
    3. Locating and Downloading an Evaluation Copy of Windows Server 2008
    4. Creating a Virtual Machine for Windows Server 2008
    5. Installing Windows Server 2008 on a Virtual Machine
    6. Configuring Windows Server 2008 on a Virtual Machine
    7. Promoting Windows Server 2008 to a Domain Controller
    8. Applying Changes to the Domain Controller
  27. Glossary