Page #99 (Index)

Chapter 1: Administering Vista Security-The Little Surprises

Figure 1.1: A Vista system with multiple boot options

Figure 1.2: ipconfig, with a new, scary look

Figure 1.3: Vista's Control Panel

Figure 1.4: Network Connections, Vista style

Figure 1.5: Vista's NIC Properties page

Figure 1.6: Configuring Remote Desktop in Vista

Figure 1.7: A Network Level Authentication logon dialog

Figure 1.8: Previous Versions tab in a file's Properties page

Figure 1.9: Typical Vista event

Figure 1.10: An event log entry's details

Figure 1.11: The Event Viewer

Figure 1.12: Creating a custom view in Vista's Event Viewer

Figure 1.13: Name your new custom view

Figure 1.14: Starting the Create Basic Task Wizard

Figure 1.15: Event Viewer offers three kinds of responses.

Figure 1.16: Setting up an e-mail notification

Figure 1.17: Summarizing the trigger

Figure 1.18: Changes? Off to the Task Scheduler

Figure 1.19: Shall we start the Windows Event Collector service?

Figure 1.20: Creating a subscription, part 1

Figure 1.21: More creation: pick the events to track

Figure 1.22: Just the Windows logs, please

Figure 1.23: XML-ese for the query

Figure 1.24: Subscription setup before activation

Chapter 2: Understanding User Account Control (UAC)-"Are You Sure, Mr. Administrator?"

Figure 2.1: Meet the "Consent UI"

Figure 2.2: Running a command prompt as administrator

Figure 2.3: Shortcut properties page, Shortcut tab

Figure 2.4: Advanced Shortcut properties

Figure 2.5: The Compatibility tab for a pre-Vista application

Figure 2.6: The Consent UI in another guise

Figure 2.7: UAC timed out!

Figure 2.8: The Administrative Tools folder, with and without shields

Figure 2.9: Opening Control Panel window

Figure 2.10: Opening screen on XN Resource Editor

Figure 2.11: XN Resource Editor with net.exe loaded

Figure 2.12: net.exe's manifest

Figure 2.13: The Program Compatibility Assistant

Figure 2.14: Half of the places where the Assistant remembers applications

Figure 2.15: A somewhat more demanding Consent UI

Figure 2.16: Vista dialog explaining that it can't run a program because it's not signed

Chapter 3: Help for Those Lame Apps-File and Registry Virtualization

Figure 3.1: The virtualized Testkey folder

Figure 3.2: A typical file virtualization event

Figure 3.3: Details of the file virtualization event

Chapter 4: Understanding Windows Integrity Control

Figure 4.1: Reading mandatory labels with icacls

Figure 4.2: Running Process Explorer on Vista

Figure 4.3: Internet Explorer 7 in Protected Mode

Figure 4.4: Enabling/disabling IE 7's Protected Mode

Figure 4.5: A medium integrity process deletes a high integrity object!

Figure 4.6: Mark amazingly deletes the file even though he is denied the "delete file" permission!

Figure 4.7: Mandatory integrity wins at last!

Figure 4.8: A file with only label-related ACEs

Figure 4.9: New default permissions on the \Windows directory

Figure 4.10: A typical DACL

Figure 4.11: Standard "create a new ACE" dialog box with "apply to" options visible

Chapter 5: BitLocker-Solving the Laptop Security Problem

Figure 5.1: Typical layout of a BitLocker-encrypted volume

Figure 5.2: BitLocker filter driver overview

Figure 5.3: Overview of the BitLocker encryption algorithm

Figure 5.4: Default key protectors

Figure 5.5: BitLocker TPM and TPM+ key protectors

Figure 5.6: BitLocker on a computer without TPM

Figure 5.7: Using a recovery password

Chapter 6: Post-Boot Protection-Code Integrity, New Code Signing Rules, and PatchGuard

Figure 6.1: Internet Explorer ActiveX controls options

Figure 6.2: Internet Explorer default security level

Chapter 7: How Vista Secures Services

Figure 7.1: Svchosts running on a Vista system

Figure 7.2: Services running in a given svchost

Figure 7.3: The svchost's token displayed in Process Explorer

Figure 7.4: Specifying a service name for a permission