Getting Started with Windows Server Security电子书

Getting Started with Windows Server Security

Table of Contents

Getting Started with Windows Server Security

Credits

About the Author

Acknowledgments

About the Reviewers

www.PacktPub.com

Support files, eBooks, discount offers, and more

Why subscribe?

Free access for Packt account holders

Instant updates on new Packt books

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Errata

Piracy

Questions

1. Operating System and Baseline Security

Microsoft Windows Server

Baseline and security

Security Configuration Wizard

Translating your policy into a technical policy

Creating a policy template

Policy review and validation

Policy implementation

Analyzing the result and troubleshooting

A backup or rollback plan

Summary

2. Native MS Security Tools and Configuration

Microsoft SCM

Installing Microsoft SCM

Administering Microsoft SCM

Creating and implementing security policies

Exporting GPO from Active Directory

Importing GPO into SCM

Merging imported GPO with the SCM baseline policy

Exporting the SCM baseline policy

Importing a policy into Active Directory

Maintaining and monitoring the integrity of a baseline policy

Microsoft ASA

Application control and management

AppLocker

Creating a policy

Auditing a policy

Implementing the policy

AppLocker and PowerShell

Summary

3. Server Roles and Protocols

Server types and roles

Managing servers using Server Manager

Monitoring and securing server roles

Creating a server role baseline report

Analyzing production servers

Server Message Block

Configuring and implementing SMB

Identifying the client and server operating system

Verifying the current SMB configuration

Enabling or disabling the SMB encryption

Verifying SMB communication

Summary

4. Application Security

File or data server

Applying baseline security

The access mechanism

Data protection

Removing unwanted shares

Data encryption using BitLocker encryption

Installing BitLocker

Verifying the encryption status

Encrypting data volume

Managing BitLocker volume

Print server

Applying baseline security

The print server role security

Print server access mechanisms

The printer driver security and installation

Print server and share permissions

Hyper-V servers

Applying baseline security

Securing the access mechanism

Guard protection

Enabling the guard protection

Encrypting Hyper-V host servers

Internet Information Services

Applying baseline security

Securing web server components

Securing the access mechanisms

Adding dynamic IP restrictions

Summary

5. Network Service Security

Baseline policies

Read-only Domain Controllers

Installing RODCs

Configuring RODCs

Domain Name System

Applying a DNS baseline policy

Enabling Scavenging on a DNS server

Enabling Scavenging on a DNS zone

Securing DNS dynamic updates

Cache poisoning attacks

Dynamic Host Configuration Protocol

Applying a DHCP baseline policy

Controlling and segregating IP address allocation

Configuring PBA

Securing DHCP administration

IP address and DNS management and monitoring

Service accounts

Group Managed Service Accounts

Creating a KDS root key

Creating Group Managed Service Accounts

Installing Group Managed Service Accounts

Configuring Group Managed Service Accounts

Enhanced Mitigation Experience Toolkit

Installing Enhanced Mitigation Experience Toolkit

Configuring Enhanced Mitigation Experience Toolkit

Summary

6. Access Control

Dynamic Access Control

Enabling the KDC support

Creating claim types

Creating and enabling resource properties

Creating a central access rule

Creating a central access policy

Deploying a central access policy

Configuring folder permissions on a file server

Verifying access the control configuration and permission

Summary

7. Patch Management

Microsoft Windows Server Update Services

Installing the WSUS web role

Configuring WSUS

Configuring and deploying automatic updates

Administering WSUS

Creating groups

Managing updates

Managing the group membership

Summary

8. Auditing and Monitoring

Auditing

Default auditing policies

Enabling Global Object Access Auditing – filesystem

Enabling Global Object Access Auditing – directory services

Event forwarding

Configuring the source computer

Configuring the target (collector) computer

Troubleshooting event forwarding

Monitoring

Microsoft Best Practice Analyzer

Monitoring the performance

Summary

Index