How This Book Is Organized


The book is organized into 5 parts with 15 chapters:

  • Part I, "Introducing Windows Vista"

  • Part II, "Host-Based Security"

  • Part III, "Securing Internet and E-mail Access"

  • Part IV, "Securing Windows Networks"

  • Part V, "Group Policy and Best Practices"

Part I is an overview of the new security features of Windows Vista, how malicious hackers hack, and how Windows functions in general.

Part II focuses on general host-based security controls, such as User Account Control, Windows Defender, and application security. Because most of today's computer attacks use client-side, host-based vectors, this is an especially important section.

Part III focuses on securing Internet Explorer and e-mail from the client perspective and IIS from the server perspective. Browser and e-mail programs are involved in most of today's malicious exploits. Part III introduces Internet Explorer 7, Windows Mail, and IIS 7.

Part IV discusses the improved Windows Firewall, IPsec, and wireless security. Part IV also includes a section about one of the most promising network security techniques available today: Server and Domain Isolation.

Part V focuses on automating security using group policy and finishes in Chapter 15 with point-counterpoint discussions between the two authors. The last chapter summarizes the authors' most strongly held defense beliefs and recommendations.

Chapter 1, "New Security Features"

Chapter 1 begins by discussing, sometimes in detail, the most significant new security changes to Windows Vista from previous Windows versions. It discusses dozens of new security features. It is a quick, one-stop-shop chapter for readers who want to quickly learn what new features Vista has.

Chapter 2, "How Hackers Attack"

In order to defend appropriately, you must understand what you are up against. Contrary to popular belief, most attacks on Windows computers are not one-off attacks by dedicated human attackers. Instead, the vast majority of attacks are automated and come from malware programs. However, automated or not, both human attackers and automated malware use similar hacking techniques. Chapter 2 summarizes the various forms of automated malware and discusses the main hacking techniques.

Chapter 3, "Windows Infrastructure"

Microsoft Windows is a complex operating system. Chapter 3 attempts to demystify some of the lesser known operational infrastructures. Essentially, this chapter explains how Windows really works. It covers security principals, rights, privileges, permissions, objects, delegation, and impersonation. After reading this chapter, the average Windows administrator should understand more about Windows and how it operates than ever before.

Chapter 4, "User Account Control"

User Account Control (UAC), more than any other feature, is the face of Windows Vista security. Chapter 4 discusses UAC in detail, talking about what it is, why it was created, and what it isn't made to do. UAC is a great security addition to the Windows family, but not for the reasons most people first believe. Many users who don't understand its role may disable it or, just as bad, ascribe it too much importance.

Chapter 5, "Managing Access Control"

This chapter discusses file permissions, share permissions, and Registry permissions. You will learn the changes in access control lists and group permissions. You will also learn how to manage ACLs.

Chapter 6, "Application Security"

Chapter 6 covers Windows Vista's new application security features, and how administrators and end users should approach and configure applications. Legacy applications could have a hard time working on Windows Vista without a bit of tweaking. This chapter covers manifest files, elevation levels, virtualization, and service hardening.

Chapter 7, "Vista Client Protection"

Chapter 7 covers Microsoft's newest client-side initiatives against malware programs, including the Malicious Software Removal Tool, Security Center, Windows Defender, Windows Live OneCare, and Microsoft Forefront Client Security.

Chapter 8, "Securing Internet Explorer"

Internet Explorer is the most attacked software program on the planet. It is almost single-handedly responsible (together with IIS) for Microsoft's bad reputation on security around the turn of the century. The continued assault on IE and multiple vulnerabilities create uncertainty and doubt among customers about Microsoft's ongoing commitment to security. With this in mind, Microsoft released Internet Explorer 7 and a Vista-only security protection, called Protected Mode, to quiet the critics, at least for a while. By the time we wrote this, Internet Explorer 7 had proven to be more secure and robust than its predecessor versions, but only time will tell how well it will hold up.

Chapter 9, "Introducing IIS 7"

IIS 6 was a tremendous security success for Microsoft. IIS 7 builds on that success and attempts to make IIS more granular, and in the process, even more secure. Most people expected IIS 7 to be released in Microsoft's forthcoming server product, but it makes its first appearance in Windows Vista. Chapter 9 covers all the significant security features of IIS 7 and gives step-by-step instructions for building a hardened web server.

Chapter 10, "Protecting E-mail"

Windows Mail replaces Outlook Express as Windows' new e-mail client. Redesigned from the ground up, Windows Mail is intended to be a more secure e-mail client comparable to the other security improvements in Vista. Read Chapter 10 to learn more about Windows Mail and its new security features.

Chapter 11, "Managing Windows Firewall"

Windows Vista contains a significantly improved Windows Firewall. Besides new configuration GUIs and command-line controls, Windows Firewall has outbound blocking and better integration with IPsec. Chapter 11 will cover the new, improved Windows Firewall.

Chapter 12, "Server and Domain Isolation"

Host-based and perimeter-based firewalls are not enough protection these days for enterprise networks. Essentially, an administrator must map all the legitimate traffic that should be allowed between various hosts and deny all traffic that isn't specifically allowed. Chapter 12 covers domain isolation and IPsec.

Chapter 13, "Wireless Security"

Almost every corporate environment, and home it seems, has a wireless network. Wired Equivalent Privacy (WEP) has been replaced by stronger WPA, WPA2, and 802.11i security. Chapter 13 covers the most popular Wi-Fi technologies, threats to wireless networks, and wireless security recommendations.

Chapter 14, "Using Group Policy"

If security isn't automated, it will most likely not be done. Windows Vista is seeing what is likely the most significant upgrade to Group Policy since Group Policy was introduced with Windows 2000. In this chapter, we go over the new and updated features, as well as a selection of the 812 new Group Policy settings.

Chapter 15, "Thinking About Security"

Chapter 15 includes a point-counterpoint discussion between the two authors on what they feel are the most significant security recommendations an administrator can implement. This chapter captures the collective thoughts from two industry veterans of 20 years, and security tips learned as Microsoft insiders and outsiders. Much of the practical advice dispensed here will be found in no other book.

Appendixes

Appendix A covers step-by-step instructions for making a Windows PE boot disk. Appendix B lists many of the recommended resources the authors used in preparing this book.

The 15 chapters of Windows Vista Security: Securing Vista Against Malicious Attacks provide a solid introduction to the new security features in Windows Vista and make recommendation after recommendation for the reader to implement. Most chapters, where it makes sense, contain a Best Practices recommendation section so the reader can quickly review the most important points and use them in their environments.

All readers should start with Chapter 1, "New Security Features," to get a quick understanding of all the new features in Windows Vista. Readers who already understand hacking and malware methodology can skip Chapter 2, "How Hackers Attack," although there are guaranteed to be fine points that can benefit any administrator. Chapter 3, "Windows Infrastructure," should be read by all readers to make sure they have a common, strong foundation of the basic Windows infrastructure concepts. Likewise, given the pervasive nature and strategic importance of UAC, Chapter 4, "User Account Control," should be considered required reading as well.

The chapters in Part II, "Host-Based Security," and Part III, "Securing Internet and E-mail Access," should be read by all readers, as these chapters cover many of the core components of Windows Vista. Parts II and III will be of special interest to security and Windows administrators, and desktop support technicians. Part IV, "Securing Windows Networks," will be of the most interest to administrators charged with protecting Windows networks, as the title implies. Chapter 14 will be of the most interest to Active Directory group policy administrators, although much of what is recommended also applies to local security policy. Last, Chapter 15, "Thinking About Security," should be read by all readers. It contains advanced expertise and recommendations.



Windows Vista Security. Securing Vista Against Malicious Attacks
ISBN: 470101555
EAN: N/A
Year: 2004
Pages: 163
