» » Microsoft Windows Security Resource Kit (2nd Edition)

Download Microsoft Windows Security Resource Kit (2nd Edition) epub

by Ben Smith

Now fully updated and revised, this official Microsoft RESOURCE KIT delivers the in-depth information and tools you need to help protect your Windows-based clients, servers, networks, and Internet services. Security experts Ben Smith and Brian Komar, working in conjunction with the Microsoft Security Team, explain how core Windows security internals work and how to assess security threats and vulnerabilities, configure security features, monitor and respond to security events, and effectively apply security technologies and best practices. You’ll find new information on Microsoft Windows Server 2003 Service Pack 1, Windows XP Service Pack 2, and Microsoft Office 2003 Editions. And you’ll get essential tools, scripts, templates, and other key resources on the CD.

Get in-depth guidance on how to:

Build security considerations into the design of Active Directory objects, domains, and forests; manage user accounts and passwords; apply Group Policy NEW—Utilize the Security Configuration Wizard and Windows Update Services Configure TCP/IP and the Windows Firewall, and address the unique security risks of mobile computing and wireless networking Define security settings for domain controllers, IIS 5.0 and 6.0, Windows Terminal Services, and DNS, DHCP, WINS, RAS, and certificate servers NEW—Design an 802.1x authentication infrastructure NEW—Implement the security advances in Microsoft Office 2003 Editions, IIS 6.0, and the latest service packs Perform security assessments and respond to security incidents Manage security and privacy settings for Microsoft Office and Internet Explorer

CD features:

20+ tools and scripts, including: Placeholder script Xcacls.vbs—to script file and folder permissions EventcombMT.exe—to collect and search event logs from multiple computers through a GUI Microsoft Encyclopedia of Networking, Second Edition, eBook Microsoft Encyclopedia of Security eBook Bonus content from additional Microsoft Press security books eBook of the complete RESOURCE KIT

For customers who purchase an ebook version of this title, instructions for downloading the CD files can be found in the ebook.

Download Microsoft Windows Security Resource Kit (2nd Edition) epub
ISBN: 0735621748
ISBN13: 978-0735621749
Category: Technology
Subcategory: Operating Systems
Author: Ben Smith
Language: English
Publisher: Microsoft Press; 2nd edition (April 9, 2005)
Pages: 752 pages
ePUB size: 1705 kb
FB2 size: 1150 kb
Rating: 4.2
Votes: 192
Other Formats: lit txt lrf lit

I used the book as a reference for MCSE. But, now that I'm really going through and reading it more thoroughly I'm surprised that it was rated 5 stars at the time I bought and still is.

Although there is a lot of useful information in it one strike against it is that it's written in a manner that is not easy to read. I could include one of many example paragraphs that would just blur your eyes and make your head spin, even after reading it multiple times. But, I'm not going to take the time or space in this review.

Also there are too many instances in which the authors don't finish the point. For instance (just one of many examples) when they discuss configuring LM compatibility. They provide a nice list of possible settings, tell you that you set these in Group Policy and then don't finish by telling you where or how you make these settings in Group Policy. So you're left having to go to another source to finish the answer. Once you've done that a few times you quick reading this book and use the other source instead. I've trained on software myself for many years and I consider that laziness, on the authors part.

I won't deny that there's valuable information in the book. That's why I opted for 3 stars. But, there's also enough shortcomings that it's not a 4 and certainly not a 5 star book.
Silver Globol
Microsoft® Windows® Security Resource Kit
Great Book!!! Very helpful and I would recommend this book for users who want to learn more about this operating system. Also a good reference.
I ordered my book on 8/5 and it's 8/22 today. Still no book and I am close to 10 chapters behind in my accelerated learning class. How convenient that they deleted my first review to make sure they don't look bad to the public. I ordered my book on the 5th and never got the book as of today. This company has made 0 attempt to make up for my inconvenience. Thanks for nothing.
The Windows Security Resource Kit is a wonderful wealth of information on securing Windows networks and operating systems. It is useful for anyone above the beginner level. It concentrates on using features of primarily Windows 2000 and XP to maximize security for various levels of needs. It is not about building a bastion host or configuring firewalls.
It is not a "cookbook" like too many training manuals are these days and is not full of fluff - it covers a lot of territory in it's 680 pages and is not geared for technogeeks, but is clearly written and understandable to the average Joe and Jane [except page 349]. The first two chapters put you in the security "mindset" - Key Principles of Security [including the Ten Immutable Laws of Security] and Understanding Your Enemy. I think that is very important, because security needs to be approached from an attitude about what you are up against and how only one vulnerability can sink your boat.
The next twenty three chapters are logically divided into security topics that can later be accessed easily as needed for reference purposes. Each chapter ends with best pratices recap and references to other books or Knowledge Base articles.
I thought the "meat" of the book was thorough, interesting, and accurate. Finally I have one place to go for an explaination of what ALL the user rights, security options, and services are. There is an excellent chapter on securing tcp/ip with specific recommendations on registry modifications to defend against a denial of service attack and even a .vbs script on the cdrom to implement them all. An equally excellent chapter on auditing including comprehensive tables explaining Event Ids and Event ID 681 failure codes. I finally know what the difference is between auditing account log on and log on events. Chapter 10 goes into great detail about ALL of the various settings in the Web Content Zones for Internet Explorer and how to configure them for your needs. Cookie/Privacy settings are also explained in detail. Chapter 7 includes specific recommendations on ntfs security settings for every folder in a new installation and a security template to implement them. I was impressed with Chapter 21 in that it shows you how to secure an IIS 5.0 server without having to be an IIS expert. Chapters 22 and 23 nicely explain patch management, Windows Update, using Microsoft Baseline Security Analyzer tool, and using SUS for patch management on a large scale basis. The chapter on remote access and vpn explains the differences in pptp and l2tp and when to use each. Other chapters cover securing Terminal Services, authentication - various settings for Lan Manager authentication level, managing security templates/Security Configuration and Analysis tool, wireless networking/WEP, EFS [ten pages of crucial info], ipsec, Certificate Services, Group Policy, Active Directory [I now know how to use dsacls to reset object permissions to default], securing laptops [very informative], permissions, account/password policies, and managing users. Chapter 24 covers using security assessment tools including how to port scan and a extensive chart of common Windows ports and what applications use them.
Part VI of the book breaks away from Windows specific configurations and is called Planning and Performing Security Assessments and Incident Responses. It discusses vulnerability scanning, penetration testing, and security audits. This part is also extremely informative to those of us who are not trained in what to do after an incident - what to do when an intrusion is detected, who to inform , and most importantly how to preserve data in the event of criminal prosecution or to reconstruct the attack. The last chapter goes into privacy issues that one needs to know as how far can one go in gathering information from a legal standpoint.
Windows Security Resource kit is a very valuable resource in my opinion to anyone interested in securing a Windows computer or network. The writing style is very understandable and you do not have to read the whole book for it to make sense if only certain topics are of interest. It does not however go into too much detail on importance of virus/trojan protection or perimiter/firewall security but there are whole other books written on those topics. The included cdrom has many tools from the Resource Kit and the book itself. I also highly recommend it to anyone studying for their MCSE and consider it a "must have" for anyone planning to take any of the MCSE security exams or pursue the MCSE Security certification. Kudos to Microsoft Press for this one.