Free Delivery Over $100
|
|
|||
|
||||
OverviewIn this book, two senior members of Microsoft s Security and Business Technology Unit present a complete Defense in Depth model for protecting any Windows network - no matter how large or complex. Drawing on their work with hundreds of enterprise customers, they systematically address all three elements of a successful security program: people, processes, and technology. Unlike security books that focus on individual attacks and countermeasures, this book shows how to address the problem holistically, in its entirety. Through hands - on examples and practical case studies, youll learn how to integrate multiple defenses - deterring attacks, delaying them, and increasing the cost to the attacker. Coverage includes. Improving security from the top of the network stack to the bottom. Understanding what you need to do right away, and what can wait. Avoiding pseudo - solutions that offer a false sense of security. Developing effective security policies - and educating those pesky users. Beefing up your first line of defense: physical and perimeter security. Modeling threats and identifying security dependencies. Preventing rogue access from inside the network. Systematically hardening Windows servers and clients. Protecting client applications, server applications, and web services. Detecting intrusions and mitigating the effects of successful attacks. Addressing the unique challenges of small business network security. Authoritative and thorough, Protect Your Windows Network will be the standard Microsoft security guide for sysadmins, netadmins, security professionals, architects, and technical decision - makers alike. (c) Copyright Pearson Education. All rights reserved. Full Product DetailsAuthor: Jesper M. Johansson , Steve RileyPublisher: Pearson Education (US) Imprint: Addison-Wesley Educational Publishers Inc Dimensions: Width: 17.90cm , Height: 3.10cm , Length: 24.10cm Weight: 0.888kg ISBN: 9780321336439ISBN 10: 0321336437 Pages: 608 Publication Date: 14 June 2005 Audience: College/higher education , Tertiary & Higher Education Format: Mixed media product Publisher's Status: Out of Print Availability: Out of stock  Table of ContentsAcknowledgments. About the Authors. Preface. I. INTRODUCTION AND FUNDAMENTALS. 1. Introduction to Network Protection. Why Would Someone Attack Me? Nobody Will Ever Call You to Tell You How Well the Network Is Working Introduction to the Defense-in-Depth Model The Defender's Dilemma Summary What You Should Do Today 2. Anatomy of a Hack-The Rise and Fall of Your Network. What a Penetration Test Will Not Tell You Why You Need To Understand Hacking Target Network Network Footprinting Initial Compromise Elevating Privileges Hacking Other Machines Taking Over the Domain Post-mortem How to Get an Attacker Out of Your Network Summary What You Should Do Today 3. Rule Number 1: Patch Your Systems. Patches Are a Fact of Life Exercise Good Judgment What Is a Patch? Patch Management Is Risk Management Tools to Manage Security Updates Advanced Tips and Tricks Slipstreaming Summary What You Should Do Today II. POLICIES, PROCEDURES, AND USER AWARENESS. 4. Developing Security Policies. Who Owns Developing Security Policy What a Security Policy Looks Like Why a Security Policy Is Necessary Why So Many Security Policies Fail Analyzing Your Security Needs to Develop _Appropriate Policies How to Make Users Aware of Security Policies Procedures to Enforce Policies Dealing with Breaches of Policy More Information Summary What You Should Do Today 5. Educating Those Pesky Users. System Administration ? Security Administration Securing People The Problem Protecting People Plausibility + Dread + Novelty = Compromise Things You Should Do Today III. PHYSICAL AND PERIMETER SECURITY: THE FIRST LINE OF DEFENSE. 6. If You Do Not Have Physical Security, You Do Not Have Security. But First, a Story It's a Fundamental Law of Computer Security The Importance of Physical Access Controls Protecting Client PCs The Case of the Stolen Laptop The Family PC No Security, Physical or Otherwise, Is Completely Foolproof Things You Should Do Today 7. Protecting Your Perimeter. The Objectives of Information Security The Role of the Network Start with (What's Left of) Your Border Next, Use the Right Firewall Then, Consider Your Remote Access Needs Finally, Start Thinking About Deperimeterization Things You Should Do Today IV. PROTECTING YOUR NETWORK INSIDE THE PERIMETER. 8. Security Dependencies. Introduction to Security Dependencies Administrative Security Dependencies Service Account Dependencies Mitigating Service and Administrative Dependencies Other Security Dependencies Summary What You Should Do Today 9. Network Threat Modeling. Network Threat Modeling Process Document Your Network Segment Your Network Restrict Access to Your Network Summary What You Should Do Today 10. Preventing Rogue Access Inside the Network. The Myth of Network Sniffing Network Protection at Layers 2 and 3 Using 802.1X for Network Protection Using IPsec for Network Protection Network Quarantine Systems Summary What You Should Do Today 11. Passwords and Other Authentication Mechanisms-The Last Line of Defense. Introduction Password Basics Password History What Administrators Need to Know About Passwords Password Best Practices Recommended Password Policy Better Than Best Practices-Multifactor Authentication Summary What You Should Do Today V. PROTECTING HOSTS. 12. Server and Client Hardening. Security Configuration Myths On to the Tweaks Top 10 (or so) Server Security Tweaks Top 10 (or so) Client Security Tweaks The Caution List-Changes You Should Not Make Security Configuration Tools Summary What You Should Do Today VI. PROTECTING APPLICATIONS. 13. Protecting User Applications. Patch Them! Make Them Run As a Nonadmin Turn Off Functionality Restrict Browser Functionality Attachment Manager Spyware Security Between Chair and Keyboard (SeBCAK) Summary What You Should Do Today 14. Protecting Services and Server Applications. You Need a Healthy Disrespect for Your Computer Rule 1: All Samples Are Evil Three Steps to Lowering the Attack Surface What About Service Accounts? Privileges Your Services Do Not Need Hardening SQL Server 2000 Hardening IIS 5.0 and 6.0 Summary What You Should Do Today 15. Security for Small Businesses. Protect Your Desktops and Laptops Protect Your Servers Protect Your Network Keep Your Data Safe Use the Internet Safely Small Business Security Is No Different, Really What You Should Do Today 16. Evaluating Application Security. Caution: More Software May Be Hazardous to Your Network Health Baseline the System Things to Watch Out For Summary What You Should Do Today VII. PROTECTING DATA. 17. Data-Protection Mechanisms. Security Group Review Access Control Lists Layers of Access Control Access Control Best Practices Rights Management Systems Incorporating Data Protection into Your Applications Protected Data: Our Real Goal What You Should Do Today Appendix A: How to Get Your Network Hacked in 10 Easy Steps. Appendix B: Script To Revoke SQL Server PUBLIC Permissions. Appendix C. HOSTS file to Block Spyware. Appendix D. Password Generator Tool. -g (Generate Password Based on Known Input) -r (Generate Random Password) -s (Set a Password on an Account and/or Service) Security Information Usage Scenarios Appendix E: 10 Immutable Laws of Security. Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore. Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore. Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore. Law #4: -If you allow a bad guy to upload programs to your Web site, it's not your Web site any more. Law #5: Weak passwords trump strong security. Law #6: A computer is only as secure as the administrator is trustworthy. Law #7: Encrypted data is only as secure as the decryption key. Law #8: An out-of-date virus scanner is only marginally better than no virus scanner at all. Law #9: Absolute anonymity isn't practical, in real life or on the Web. Law #10: Technology is not a panacea. Index.ReviewsAuthor InformationJesper M. Johansson, Microsoft's Senior Program Manager for Security Policy, is responsible for the tools Microsoft customers use to implement security policies, including the Security Configuration Wizard and Editor. A frequent speaker at leading security events, he holds a Ph.D. in MIS, as well as CISSP and ISSAP certification. Steve Riley, Senior Program Manager in Microsoft's Security Business and Technology unit, specializes in network/host security, protocols, network design, and security policies and processes. He has conducted security assessments and risk analyses, deployed security technologies, and designed highly available network architectures for ISPs, ASPs, and major enterprises. A(c) Copyright Pearson Education. All rights reserved. Tab Content 6Author Website:Countries AvailableAll regions |
||||
