Book Summary


If you're reading this, you've made it through all 15 chapters. I hope you agree that this is the best book you've ever read on Windows security. It covered specific problems and made specific recommendations, many of which you'll read nowhere else. Even more important than the massive amount of detail that this book contains are its main points:

  • Focus on the correct attack threat. The risk coming from automated threats is significantly higher than that from the dedicated attacker.

  • Prevent malware from executing on the desktop in the first place, even if it gets by all the other defenses.

  • Practice defense in depth.

  • The four single best defenses are as follows: Don't let your non-admin users be logged in as administrators, keep your software updated, prevent unauthorized software execution, and block more things by default.

  • Security through obscurity works, and works well, but don't rely on it as your only defense.

  • Don't rely on firewalls, antivirus programs, or end-user education alone to stop malware threats.

  • Analyze your risks and apply the biggest bang-for-the-buck defenses first (e.g., don't let non-admin users be logged in as administrators, disable LM password hash storage). Prioritize defenses from best to least effective.

  • Block more stuff (high-risk files, high-risk registry entries) by default.

  • Lastly, use Active Directory and Group Policy to automate security. If you don't automate your security, it won't be applied efficiently.

If you have any questions, please don't hesitate to e-mail me at roger@banneretcs.com. I always answer my e-mail.

Happy computing!



Professional Windows Desktop and Server Hardening (Programmer to Programmer)
ISBN: 0764599909
EAN: 2147483647
Year: 2004
Pages: 122
