Synopses & Reviews
It's not the computer. The hacker's first target is YOU! A dirty little secret that vendors don't want you to know is that good computer security doesn't cost a thing. Any solution you can buy is guaranteed to fail. Malicious hackers use this fact to their advantage. Real security is gained by understanding the enemy's tactics and offsetting them with appropriate and consistently applied Windows settings. These expert authors realize that an effective strategy is two parts technology and one part psychology. Along with learning about Vista's new security features (such as UAC, integrity controls, BitLocker, Protected Mode, and IIS 7), learn common-sense recommendations that will immediately provide reliable value.
Vista Security Tips
- Have a healthy sense of paranoia
- Understand and apply the basics properly
- Use longer passwords. No, longer than that
- Use admin privilege very sparingly
- Don't believe Internet Explorer Protected Mode will stop all attacks
- Don't believe DEP can stop all attacks
- Don't believe any technology can stop all attacks
Synopsis
Written by a 20-year Windows security writer and Microsoft MVP, this essential resource prepares end users and technical administrators to handle various security problems that still exist in Windows Vista and future threats that could eventually come down the pike. Offers a unique hacker's perspective and focuses special attention on how Internet Explorer 7.0 is already being hacked and how the new Firewall was flawed from the beginning. Reviews Windows Defender and other anti-malware tools, BitLocker technology, and new group policy settings. Default security guides, recommendations, and security templates are available for download on the companion Web site. Foreword by Mark Minasi.
Synopsis
- Written by two veteran Windows security experts, one a Microsoft Security MVP and Foundstone Security Consultant, and one a former senior member of Microsoft's Security Engineering Team. Collectively, Grimes and Johansson have 40 years of security experience, 30 on Windows
- This essential resource prepares end users and technical administrators to handle various security problems that still exist in Windows Vista and future threats
- Special in-depth coverage of all significant new security technologies in Windows Vista, including User Account Control, the new Firewall, Internet Explorer 7.0, Windows Defender, Service Hardening, and BitLocker
- Covers all significant changes to security in Windows Vista, including new group policy features and settings, how access control has changed, Internet Information Server 7, and more
- Valuable tools, documents, scripts, and other material will be available for download on the companion web site
Synopsis
Written by two veteran Windows security experts—one a Microsoft Security MVP and Foundstone Security Consultant, and the other a former senior member of Microsoft's Security Engineering Team—this essential resource prepares end users and technical administrators to handle various security problems that exist in Windows Vista as well as possible future threats. Offering in-depth coverage of all significant new security technologies in Windows Vista, this book addresses User Account Control, the new Firewall, Internet Explorer 7.0, Windows Defender, Service Hardening, and BitLocker.
About the Author
Roger A. Grimes, CPA, CISSP, four-time MVP, is a 20-year industry veteran and author of seven books and over 200 articles on Windows security. Currently working for Microsoft as an ACE Team senior security consultant, Roger previously taught Windows and Linux security for Foundstone and is a highly requested industry speaker.
Jesper M. Johansson is currently working on application security and developer security training on large software projects. Prior to his current work he was a senior security strategist at Microsoft Corporation and is a well known authority on Windows operating system security. He holds a Ph.D. in Management Information Systems.
Table of Contents
Foreword.
Acknowledgments.
Introduction.
Part I Introducing Windows Vista.
Chapter 1 New Security Features.
Chapter 2 How Hackers Attack.
Chapter 3 Windows Infrastructure.
Part II Host-Based Security.
Chapter 4 User Account Control.
Chapter 5 Managing Access Control.
Chapter 6 Application Security.
Chapter 7 Vista Client Protection.
Part III Securing Internet and E-mail Access.
Chapter 8 Securing Internet Explorer.
Chapter 9 Introducing IIS 7.
Chapter 10 Protecting E-mail.
Part IV Securing Windows Networks.
Chapter 11 Managing Windows Firewall.
Chapter 12 Server and Domain Isolation.
Chapter 13 Wireless Security.
Part V Group Policy and Best Practices.
Chapter 14 Using Group Policy.
Chapter 15 Thinking about Security.
Appendix A Building a Windows PE Boot Disk.
Appendix B References.
Index.