SearchWindowsSecurity.com Book Excerpts Library

Browse our featured book excerpts.

SearchWindowsSecurity.com Book Excerpts

SearchWindowsSecurity.com works with top publishers to secure free book excerpts to help you stay on top of the market. Bookmark this page and check back often for additions.

Now you can find new book excerpts each week on SearchWindowsSecurity.com! You'll find chapters on hardening Windows systems, authentication and encryption methods, threats and vulnerabilities, applications security and more.
 

 


 

 

Microsoft Windows Group Policy Guide

Microsoft Windows Group Policy Guide: Chapter 5, "Hardening Clients and Servers"
By William R. Stanek, Darren Mar-Elia and Derek Melber

Included in the Microsoft Windows Server 2003 Resource Kit, the "Windows Group Policy Guide" can help you extend your administrative control with Group Policy -- simplifying user and computer management and automating routine tasks.

  • Design, implement, and modify Group Policy Objects (GPOs)
  • Manage GPOs and policy settings; learn best practices for deployment
  • Administer user settings, system configuration and access, and software installation and maintenance
  • Customize administrative and security templates; create custom environments
  • Manage IPSec, public key, and Windows Firewall policy settings
  • Use Resultant Set of Policy tools and Group Policy logs to troubleshoot problems

Read the series of book excerpts for Chapter 5, "Hardening Clients and Servers"
Available Now

Chapter Description:
This chapter discusses the philosophy behind protecting clients and servers in the Active Directory domain and the methods and tools for doing so. We will investigate security templates, which are the main mechanism used to configure security on computers running Microsoft Windows. We will look at the uses and roles of the default security templates, as well as how to create, import, change, export, and apply security templates. We will examine the various sections of a security template, along with the key settings in each section.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

 

The Definitive Guide to Securing Windows in the Enterprise

The Definitive Guide to Securing Windows in the Enterprise: Chapter 2, "Securing Clients"
By Don Jones

Today's enterprise is placing a greater focus on security -- an endeavor driven in no small part by the array of new laws and regulations with a security focus -- and securing Windows is becoming an increasingly important task. You can spend a lifetime attempting to master Windows security and spend much of your free time discussing and debating the topic with other IT professionals. However, this eBook, , concentrates on security as more than just philosophy and policies -- security is a practical topic with real-world impact, which is the focus of this guide.

 

Read the series of book excerpts for Chapter 2, "Securing Clients"
Available Now

Chapter Description:
Compared to servers, client computers are often neglected when it comes to security. This chapter introduces you to some of the major client vulnerabilities and gives you some tips on how to lock them down.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

 

The 19 Deadly Sins of Software Security

The 19 Deadly Sins of Software Security: Chapter 1, "Buffer Overruns"
By David LeBlanc, Ph.D., John Viega and Michael Howard, CISSP

"Ninety-five percent of software bugs are caused by the same 19 programming flaws."
      —Amit Yoran, Former Director of The Department of Homeland Security's National Cyber Security Division

Secure your software by eliminating code vulnerabilities from the start. The 19 Deadly Sins of Software Security, aimed at software developers -- regardless of platform, language and type of application, outlines the 19 sins of software security and shows how to fix each one. Authors Michael Howard and David LeBlanc, who teach Microsoft employees how to write secure code, have partnered with John Viega, who uncovered the 19 deadly programming sins, to write this hands-on guide. Detailed code examples throughout show the code defects as well as the fixes and defenses. This book can help you eliminate security flaws from your code.

 

Read the series of book excerpts for Chapter 1, "Buffer Overruns"
Available Now

Chapter Description:
This chapter examines buffer overruns and offers techniques to avoid and prevent this type of attack.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Protect Your Windows Network: From Perimeter to Data

Protect Your Windows Network: From Perimeter to Data: Chapter 2, "Anatomy of a Hack -- The Rise and Fall of Your Network" 
By Jesper Johansson and Steve Riley
 

Protect Your Windows Network: From Perimeter to Data is a complete "Defense in Depth" model for protecting any Windows network -- no matter how large or complex. Unlike security books that focus on individual attacks and countermeasures, this book shows how to address the problem holistically and in its entirety. Through hands on examples and practical case studies, you will learn how to integrate multiple defenses -- deterring attacks, delaying them and increasing the cost to the attacker.



 

Read the series of book excerpts for Chapter 2, "Anatomy of a Hack -- The Rise and Fall of Your Network."
Available Now

Chapter Description:
This chapter shows you how hackers take advantage of your mistakes and how to protect your network by avoiding these pitfalls.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Immediate Call to Action

Hardening Windows Systems: Chapter 1, "An Immediate Call to Action"
By Roberta Bragg
 

Take a proactive approach to network security by hardening your Windows systems against attacks before they occur. This hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Whether you have one Windows server or 100, you'll get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan. With coverage of Windows 95/98/NT 4.0/2000/XP and Windows Server 2003, this book is an essential security tool for on-the-job IT professionals.

 

Read the series of book excerpts for Chapter 1, "An Immediate Call to Action."
Available Now

Chapter Description:
Here you'll find 10 excerpts detailing steps you can take right now to secure Windows systems.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Administrator Shortcut Guide to Active Directory

Administrator Shortcut Guide to Active Directory Security: Chapter 2, 'Active Directory Security'
By Derek Melber and Dave Kearns
 

Written by authors Derek Melber and Dave Kearns, this e-book shows you how to apply Group Policies in which order and based on what criteria, create effective Group Policy design and implementation, overcome the lack of auditing functionality in MS tools, create best practices for delegating control in AD, and use the best AD practices.



 

Read the series of book excerpts for Chapter 2, "Active Directory Security."
Available Now

Chapter Description:
This chapter covers AD security techniques and tools, from selecting the proper directory structure to delegating control in AD.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Windows Server 2003 Security Infrastructures

Windows Server 2003 Security Infrastructures: Chapter 5, 'Kerberos'
By Jan De Clercq
 

Written by author Jan De Clercq, this book focuses on the operating system's authentication, authorization, key management and security management infrastructure services. It provides all you need to know about Windows-rooted trusted security infrastructures and fundamental Windows security concepts. The book covers different authentication methods, including Kerberos.



 

Read the series of book excerpts for Chapter 5, "Kerberos."
Available Now

Chapter Description:
This chapter will take you through the Kerberos protocol and in-depth authentication and authorization methods.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

The Administrator Shortcut Guide to Patch Management

The Administrator Shortcut Guide to Patch Management: Chapter 1, 'Why is Patch Management Important?'
By Rod Trent
 

Written by author Rod Trent, this e-book examines the critical IT challenge of patch management and its current state of affairs in the corporate network world. The e-book delivers in-depth looks at the impact of patch management on corporate security and risk management, its best practice methodologies and the tools that are available to manage this mission-critical IT process, which is becoming both more complex and more strategic.



 

Read the series of book excerpts for Chapter 1, "Why is Patch Management Important?"
Available Now

Chapter Description:
This chapter focuses on overall security by illustrating and emphasizing the importance of patch management in a successful security strategy.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

MCSE Designing Security for a Microsoft Windows Server 2003 Network Exam Cram 2

MCSE Designing Security for a Microsoft Windows Server 2003 Network Exam Cram 2
By Ed Tittel
 

Written by author Ed Tittel, this Exam Cram 2 book is focused on what you need to know to pass the 70-298 exam for Windows Server 2003. The Exam Cram 2 Method of Study provides you with a concise method to learn the exam topics. The book includes tips, exam notes, acronyms and memory joggers in order to help you pass the exam. Included in this book is a tear-out "Cram Sheet" for last minute test preparation; two complete practice exams and answer keys with key explanations; and the PrepLogic Practice Tests, test engine to simulate the testing environment and test your knowledge.



 

Read the series of book excerpts for Chapter 6, "Designing an Access Control Strategy for Data."
Available Now

Chapter Description:
This chapter helps you to examine Windows Server 2003 built-in structure and its relation to access control.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Hardening Windows

Hardening Windows: Chapter 7, 'Network Access Quarantine Control'
By Jonathan Hassell
 

One of the most prevalent ways for nefarious software or Internet users to creep onto your network is through your mobile users, when they try to connect to your business network while on the road. Most remote users are only authenticated on the basis of their identity. For this reason, Windows Server 2003 includes a new feature in its Resource Kit, called Network Access Quarantine Control (NAQC), which allows you to prevent remote users from connecting to your network with machines that aren't up to date and secure. This chapter will detail how this feature works and how to install and configure it.



 

Read the series of book excerpts for Chapter 7, "Network Access Quarantine Control."
Available Now

Chapter Description:
This chapter explains how network access quarantine works and contains six steps for deploying Network Access Quarantine Control.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

The Definitive Guide to Windows 2000 Security

The Definitive Guide to Windows 2000 Security: Chapter 5, 'Configuring Access Control'
By Paul Cooke
 

Access control provides the logical, or physical, controls that prevent unauthorized access to information resources. Check out Paul Cooke's e-book The Definitive Guide to Windows 2000 Security: Chapter 5, 'Configuring Access Control,' to learn about the components of access control in Windows 2000.



 

Read the series of book excerpts for Chapter 5, "Configuring Access Control."
Available Now

Chapter Description:
This chapter describes the components of access control and covers all the bases of a comprehensive security methodology for your Microsoft Windows 2000 environment.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

The complete patch management book

The Complete Patch Management Book: Chapter 1, 'What is Patch Management?'
By Anne Stanton and Susan Bradley
 

Get a glimpse inside the e-book The Complete Patch Management Book by Anne Stanton, president of Norwich Group, and Susan Bradley, Microsoft Small Business Server MVP. This series of book excerpts will help you navigate Chapter 1, 'What is patch management?,' courtesy of Ecora.



 

Read the series of book excerpts for Chapter 1, "What is Patch Management?"
Available Now

Chapter Description:
This chapter helps those who need to understand the evolving patch management landscape. The first chapter outlines patch management basics -- from the fundamentals of patching, to the how's and why's of patching.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

The Tips and Tricks Guide to Securing Windows Server 2003

The Tips and Tricks Guide to Securing Windows Server 2003: Chapter 7, 'Remote Access'
By Roberta Bragg
 

Take a look at Roberta Bragg's e-book The Tips and Tricks to Securing Windows Server 2003 with this series of e-book excerpts from Chapter 7, 'Remote access,' courtesy of Realtimepublishers.com.



 

Read the series of book excerpts for Chapter 7, 'Remote Access'
Available Now

Chapter Description:
This e-book gives you the inside scoop on securing your Microsoft Windows Server 2003. It covers what to do with legacy systems, how to use Windows Server 2003 group policy and other tools to secure clients such as Windows 2000 and XP, what an administrator can do in Windows Server 2003, best practices for group and resource management, how to deliver secure remote access to telecommuters, and emerging Windows Server 2003 enhancements and additions.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Hardening Windows Systems

Hardening Windows Systems: Chapter 11, 'Harden Communications'
By Roberta Bragg
 

Take a look at Roberta Bragg's book Hardening Windows Systems with this series of book excerpts from Chapter 11, 'Harden Communications,' courtesy of McGraw-Hill/Osborne.



 

Read the series of book excerpts for Chapter 11, 'Harden Communications'
Available Now

Chapter Description:
Take a proactive approach to network security by hardening your Windows systems against attacks before they occur. This hands-on resource provides concrete steps you can take immediately as well as ongoing actions to ensure long-term security. Whether you have one Windows server or 100, you'll get complete details on how to systematically harden your network from the ground up, as well as strategies for getting company-wide support for your security plan. With coverage of Windows 95/98/NT 4.0/2000/XP and Windows Server 2003, this book is an essential security tool for on-the-job IT professionals.

  Download the free excerpts.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

MCSA/MCSE Implementing and Administering Security in a Windows 2000 Network Exam Cram 2

MCSA/MCSE Implementing and Administering Security in a Windows 2000 Network Exam Cram 2: Chapter 3, 'Service Packs and Security Updates'
By Roberta Bragg
 

Take a look at Roberta Bragg's Exam Cram 2 book Implementing and Administering Security in a Windows 2000 Network by reading Chapter 3, 'Maintaining Security by Implementing, Managing, and Troubleshooting Service Packs and Security Updates,' courtesy of Que Certification.



 

Check out Chapter 3 and then answer the 10 prep questions
Available Now

Chapter Description:
The question today is not should you patch, but how are you going to patch, and how fast are you going to do it? Many Microsoft tools can assist in solving the logistics of patching, so knowing the tools and methods necessary to keep systems patched is important. Learn how to troubleshoot the problems that patches may cause and understand the reasons tools may not work correctly in this chapter.

  Download the free chapter and quiz.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

Managing Windows with VBScript and WMI

Managing Windows with VBScript and WMI: Chapter 28, 'Scripting Security' 
By Don Jones
 

Take a look at Don Jones's book Managing Windows with VBScript and WMI by reading Chapter 28, 'Scripting Security,' courtesy of Addison-Wesley Professional.



 

Read the series of book excerpts for Chapter 28, 'Scripting Security' 
Available Now

Chapter Description:
It's so simple for users to launch unauthorized scripts from e-mail attachments that many administrators disable scripting altogether. But you shouldn't avoid this administrative tool -- lock it down and reap the benefits instead. This chapter focuses on ways to address the two primary security issues associated with Windows Script Host (WSH), which will help you configure a safer scripting environment.

  Download the free chapter.

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

This was first published in August 2004
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close