Windows Security Monitoring: Scenarios and Patterns Front Cover

Windows Security Monitoring: Scenarios and Patterns

by
  • Length: 648 pages
  • Edition: 1
  • Publisher:
  • Publication Date: 2018-04-17
  • ISBN-10: 1119390648
  • ISBN-13: 9781119390640
  • Sales Rank: #521773 (See Top 100 Books)
5.0
3 ratings
Print Book Look Inside
Description

Go deep into Windows security tools to implement more robust protocols and processes

Windows Security Monitoring goes beyond Windows admin and security certification guides to provide in-depth information for security professionals. Written by a Microsoft security program manager, DEFCON organizer and CISSP, this book digs deep into the underused tools that help you keep Windows systems secure. Expert guidance brings you up to speed on Windows auditing, logging, and event systems to help you exploit the full capabilities of these powerful native tools, while scenario-based instruction provides clear illustration of how these events unfold in the real world. From security monitoring and event detection to incident response procedures and best practices, this book provides detailed information on all of the security tools your Windows system has to offer.

Windows includes many native tools that can help IT professionals and security experts spot and remedy suspicious activities on servers, networks, and end-user computers. If you’re like many Windows pros, you’re probably not taking full advantage of these features. This book takes you deep into Windows’ underutilized built-in security tools to help you beef up your monitoring, detection, and response processes.

  • Detect anomalous events and implement centralized alerting infrastructure
  • Dig into the native Windows tools that enable robust security measures
  • Understand the details of Powershell, Applocker, LogParser, and other tools
  • Adopt effective incident response processes for various common scenarios

Fully applicable to a range of Windows versions—back to Windows Vista and Windows Server 2008—this book is designed for real-world implementation. As the threats to your data grow more numerous by the day, it becomes ever more critical to use every security tool at your disposal. Windows Security Monitoring offers complete, expert guidance toward robust security with specialist-level use of powerful Windows tools.

Table of Contents

Part I: Introduction to Windows Security Monitoring
CHAPTER 1: Windows Security Logging and Monitoring Policy

Part II: Windows Auditing Subsystem
CHAPTER 2: Auditing Subsystem Architecture
CHAPTER 3: Auditing Subcategories and Recommendations

Part III: Security Monitoring Scenarios
CHAPTER 4: Account Logon
CHAPTER 5: Local User Accounts
CHAPTER 6: Local Security Groups
CHAPTER 7: Microsoft Active Directory
CHAPTER 8: Active Directory Objects
CHAPTER 9: Authentication Protocols
CHAPTER 10: Operating System Events
CHAPTER 11: Logon Rights and User Privileges
CHAPTER 12: Windows Applications
CHAPTER 13: Filesystem and Removable Storage
CHAPTER 14: Windows Registry
CHAPTER 15: Network File Shares and Named Pipes

APPENDIX A: Kerberos AS_REQ, TGS_REQ, and AP_REQ Messages Ticket Options
APPENDIX B: Kerberos AS_REQ, TGS_REQ, and AP_REQ Messages Result Codes
APPENDIX C: SDDL Access Rights

Free ChaptersTry Audible and Get Two Free Audiobooks »
To access the link, solve the captcha.
Recommended BooksMore Similar Books »
Bypassing Memory Encryption: A Simpler, Non-Technical General Reading for Knowledge Hackers (Ethical Hacking and Penetration Testing) Cover
Bypassing Memory Encryption: A Simpler, Non-Technical General Reading for Knowledge Hackers (Ethical Hacking and Penetration Testing)
2024-03-14
0
Security-Driven Software Development: Learn to analyze and mitigate risks in your software projects Cover
Security-Driven Software Development: Learn to analyze and mitigate risks in your software projects
2024-03-15
1
Mastering Microsoft Intune, 2nd Edition: Deploy Windows 11, Windows 365 via Microsoft Intune, Copilot and Advance Management via Intune Suite Cover
Mastering Microsoft Intune, 2nd Edition: Deploy Windows 11, Windows 365 via Microsoft Intune, Copilot and Advance Management via Intune Suite
2024-03-13
0
The Cybersecurity Guide to Governance, Risk, and Compliance Cover
The Cybersecurity Guide to Governance, Risk, and Compliance
2024-05-28
0
Active Directory and PowerShell for Jobseekers: Learn how to create, manage, and secure user accounts Cover
Active Directory and PowerShell for Jobseekers: Learn how to create, manage, and secure user accounts
2024-02-09
0
HACKING WITH KALI LINUX WIRELESS PENETRATION Cover
HACKING WITH KALI LINUX WIRELESS PENETRATION
2024-02-16
0
Shell scripting for Cybersecurity: Mastering Bash to Enhance System Security, Vulnerability Management, and Threat Response Cover
Shell scripting for Cybersecurity: Mastering Bash to Enhance System Security, Vulnerability Management, and Threat Response
2023-12-31
0
Hacker: Hack The System: The
Hacker: Hack The System: The "Ethical" Python Hacking Guide
2024-02-07
0
Subscribe
Categories
Tags