Chapter 9 covered the various ways to prevent unauthorized software execution, which is the number one way to defeat malware and malicious hackers. It recommends a deny-by-default rule and covers the various methods and techniques for locking down application software, including using NTFS permissions, unregistering programs, setting kill bits, and using software restriction policies. Chapter 10 will cover Internet Explorer security in depth.