| | Copyright |
| | Preface |
| | | What's in This Book? |
| | | Audience |
| | | About This Book |
| | | Assumptions This Book Makes |
| | | Conventions Used in This Book |
| | | Comments and Questions |
| | | Acknowledgments |
| | Chapter 1. Introduction to Windows Server 2003 Security |
| | | Section 1.1. What Is Security? |
| | | Section 1.2. What Is Windows Server 2003? |
| | | Section 1.3. Security Design in Windows Server 2003 |
| | | Section 1.4. Security Features in the Windows Server 2003 Family |
| | | Section 1.5. Summary |
| | Chapter 2. Basics of Computer Security |
| | | Section 2.1. Why Computer Security Is Important |
| | | Section 2.2. Security Enforcement Mechanisms |
| | | Section 2.3. POLA: The Principle of Least Access |
| | | Section 2.4. Key-Based Cryptography |
| | | Section 2.5. Authorization and Authentication |
| | | Section 2.6. Password Basics |
| | | Section 2.7. Network Security |
| | | Section 2.8. Keeping Your Eyes Open |
| | | Section 2.9. Summary |
| | Chapter 3. Physical Security |
| | | Section 3.1. Identifying Physical Security Vulnerabilities |
| | | Section 3.2. Protecting Physical Assets |
| | | Section 3.3. Holistic Security: Best Practices |
| | | Section 3.4. Summary |
| | Chapter 4. File System Security |
| | | Section 4.1. Protecting Files with NTFS File Permissions |
| | | Section 4.2. Protecting Data with the Encrypting File System |
| | | Section 4.3. Protecting System Information with Syskey |
| | | Section 4.4. Summary |
| | Chapter 5. Group Policy and Security Templates |
| | | Section 5.1. What Is Group Policy? |
| | | Section 5.2. How Group Policy Works |
| | | Section 5.3. How Do Security Templates Work? |
| | | Section 5.4. Using Group Policy to Enforce Security |
| | | Section 5.5. Using Security Templates to Deploy Secure Configurations |
| | | Section 5.6. Summary |
| | Chapter 6. Running Secure Code |
| | | Section 6.1. Identifying Secure Code |
| | | Section 6.2. Driver Signing |
| | | Section 6.3. Software Restriction Policies |
| | | Section 6.4. Summary |
| | Chapter 7. Authentication |
| | | Section 7.1. LAN Manager and NTLM |
| | | Section 7.2. Kerberos |
| | | Section 7.3. Summary |
| | Chapter 8. IP Security |
| | | Section 8.1. What Is IP Security? |
| | | Section 8.2. How Does IPSec Work? |
| | | Section 8.3. Microsoft's Implementation of IPSec in Windows Server 2003 |
| | | Section 8.4. Using IPSec Correctly |
| | | Section 8.5. Summary |
| | Chapter 9. Certificates and Public Key Infrastructure |
| | | Section 9.1. What Are Certificates? |
| | | Section 9.2. What Do I Do with Certificates? |
| | | Section 9.3. What Is a Certification Authority? |
| | | Section 9.4. Deciding Between Public and Private Certification Authorities |
| | | Section 9.5. Implementing a Public PKI |
| | | Section 9.6. Planning Your Private Certification Hierarchy |
| | | Section 9.7. Implementing a Private Certification Hierarchy |
| | | Section 9.8. Maintaining Your Hierarchy |
| | | Section 9.9. Summary |
| | Chapter 10. Smart Card Technology |
| | | Section 10.1. What Are Smart Cards? |
| | | Section 10.2. Using Smart Cards |
| | | Section 10.3. Summary |
| | Chapter 11. DHCP and DNS Security |
| | | Section 11.1. DHCP |
| | | Section 11.2. DNS |
| | | Section 11.3. DNS and DHCP Together |
| | | Section 11.4. Summary |
| | Chapter 12. Internet Information Services Security |
| | | Section 12.1. What Is IIS? |
| | | Section 12.2. How Does IIS Work? |
| | | Section 12.3. Using IIS Securely |
| | | Section 12.4. Summary |
| | Chapter 13. Active Directory Security |
| | | Section 13.1. What Is Active Directory? |
| | | Section 13.2. Structural Components of Active Directory |
| | | Section 13.3. Domain Controllers |
| | | Section 13.4. Default Security Through GPOs |
| | | Section 13.5. Providing Security for Domains |
| | | Section 13.6. Providing Security for Forests |
| | | Section 13.7. Providing Security for Active Directory Objects |
| | | Section 13.8. Providing Security for Domain Controllers |
| | | Section 13.9. Summary |
| | Chapter 14. Remote Access Security |
| | | Section 14.1. What Is Remote Access? |
| | | Section 14.2. Controlling Access |
| | | Section 14.3. Authentication and Encryption Protocols |
| | | Section 14.4. Virtual Private Networks |
| | | Section 14.5. Example Implementations for Remote Access |
| | | Section 14.6. Summary |
| | Chapter 15. Auditing and Ongoing Security |
| | | Section 15.1. Security Policies and Procedures |
| | | Section 15.2. Auditing |
| | | Section 15.3. Operating System Updates |
| | | Section 15.4. Summary |
| | Appendix A. Sending Secure Email |
| | | Section A.1. What Is Secure Email? |
| | | Section A.2. How Does Secure Email Work? |
| | | Section A.3. Considerations for Secure Email |
| | | Section A.4. Secure Email Implementation |
| | | Section A.5. Summary |
| | Colophon |
| | Index |