Microsoft Windows Security Essentials -- Introduction -- Who Should Read This Book -- What You Will Learn -- Prerequisites -- What You Need -- What Is Covered in This Book -- Chapter 1: Understanding Core Security Principles -- Understanding Risk -- Exploring the Security Triad -- Protecting Against Loss of Confidentiality -- Protecting Against Loss of Availability -- Protecting Against Loss of Integrity -- Implementing a Defense-in-Depth Security Strategy -- Enforcing the Principle of Least Privilege -- Hardening a Server -- Reducing the Attack Surface -- Keeping a System Updated -- Enabling the Firewall -- Installing Antivirus Software -- Chapter 2: Understanding Malware and Social Engineering -- Comparing Malware -- Viruses -- Worms -- Trojan Horses -- Buffer-Overflow Attacks -- Spyware -- Understanding the Threat -- Protecting Against Malware -- Using Antivirus Software -- Using Microsoft Security Essentials on Desktops -- Thwarting Social-Engineering Attacks -- Social Engineering in Person -- Social Engineering with a Phone Call -- Recognizing Phishing Attempts -- Recognizing Pharming -- Protecting Email -- Chapter 3: Understanding User Authentication -- Comparing the Three Factors of Authentication -- Using Passwords for Authentication -- Comparing Password Attack Methods -- Creating Strong Passwords -- Enforcing Strong Passwords -- Exploring Account Lockout Policies -- Unlocking an Account -- Resetting a Password -- Changing a Password -- Creating a Password-Reset Disk -- Using Smart Cards and Token Devices for Authentication -- Using Biometrics for Authentication -- Starting Applications with Run As Administrator -- Preventing Time Skew with Kerberos -- Identifying RADIUS Capabilities -- Identifying Unsecure Authentication Protocols -- LM -- NTLM (NTLMv1) -- Chapter 4: Securing Access with Permissions -- Comparing NTFS Permissions.

Identifying Basic NTFS Permissions -- Identifying Advanced NTFS Permissions -- Combining Permissions -- Enabling and Disabling Permission Inheritance -- Moving and Copying Files -- Comparing NTFS and FAT -- Exploring Share Permissions -- Identifying Share Permissions -- Combining NTFS and Share Permissions -- Identifying Active Directory Permissions -- Viewing Active Directory Users and Computers -- Comparing NTFS and Active Directory Permissions -- Viewing Active Directory Permissions -- Assigning Registry Permissions -- Chapter 5: Using Audit Policies and Network Auditing -- Exploring Audit Policies -- Exploring Object Access Auditing -- Comparing Account Logon and Logon Events -- Exploring Directory Service Access Auditing -- Understanding Account Management Auditing -- Understanding System Events Auditing -- Understanding Privilege Use Auditing -- Understanding Policy Change Auditing -- Understanding Process Tracking -- Enabling Auditing -- Enabling Object Access Auditing -- Enabling Directory Service Access Auditing -- Viewing Audit Information -- Managing Security Logs -- Saving Audit Information -- Securing Audit Information -- Auditing a Network with MBSA -- Installing MBSA -- Running MBSA -- Chapter 6: Protecting Clients and Servers -- Understanding User Account Control -- Understanding the Dimmed Desktop -- Modifying User Account Control -- Keeping Systems Updated -- Updating Systems with Automatic Updates -- Updating Systems with WSUS or SCCM -- Using Group Policy to Configure Clients -- Protecting Clients -- Understanding Offline Folders -- Encrypting Offline Folders -- Using Software-Restriction Policies -- Protecting Servers -- Using Separate VLANs -- Separating Services -- Using Read-Only Domain Controllers -- Exploring DNS Security Issues -- Protecting Against Email Spoofing with SPF Records -- Understanding Dynamic Updates.

Using Secure Dynamic Updates -- Chapter 7: Protecting a Network -- Identifying Common Attack Methods -- Denial of Service -- Distributed Denial of Service -- Sniffing Attack -- Spoofing Attack -- Port Scan -- Exploring Firewalls -- Comparing Hardware-Based and Software-Based Firewalls -- Comparing UTMs and SCMs -- Isolating Servers on Perimeter Networks -- Using Honeypots -- Isolating a Network with NAT -- Exploring Network Access Protection -- Understanding NAP Components -- Evaluating Client Health with VPN Enforcement -- Using Other NAP Enforcement Methods -- Identifying NAP Requirements -- Identifying Protocol Security Methods -- IPsec -- Comparing Tunneling Protocols -- DNSSEC -- Chapter 8: Understanding Wireless Security -- Comparing Wireless Devices -- Wireless Adapters -- Wireless Access Points -- Wireless Routers -- Comparing Wireless Security Methods -- Understanding Encryption Keys -- Wired Equivalent Privacy -- Wi-Fi Protected Access -- Wi-Fi Protected Access Version 2 -- Extended Authentication Protocol -- Viewing Windows 7 Wireless Settings -- Configuring Wireless Routers -- Changing the Default Administrator Password -- Changing the SSID -- To Broadcast or Not to Broadcast -- Using MAC Filters -- Configuring Windows 7 for Wireless -- Chapter 9: Understanding Physical Security -- Comparing Site Security and Computer Security -- Understanding the Importance of Physical Security -- Controlling Physical Access -- Using Switches Instead of Hubs -- Using Group Policy to Enhance Computer Security -- Understanding Default GPOs -- Designing OUs and GPOs to Manage Users and Computers -- Creating OUs in a Domain -- Moving Objects into an OU -- Creating GPOs to Manage Users and Computers -- Understanding Security Settings in a GPO -- Disabling Log On Locally with Group Policy -- Controlling Removable Storage Access with Group Policy.

Exploring Mobile Device Security -- Protecting Mobile Devices Against Malware -- Minimizing Risks with Bluetooth Devices -- Chapter 10: Enforcing Confidentiality with Encryption -- Comparing Encryption Methods -- Understanding Symmetric Encryption -- Exploring AES -- Understanding Asymmetric Encryption -- Using Certificates to Share Public Keys -- Understanding Hashing -- Securing Email -- Encrypting Email -- Digitally Signing Email -- Understanding EFS -- Encrypting and Decrypting Files with EFS -- Understanding the Recovery Agent -- Understanding Behavior When Files Are Moved or Copied -- Exploring BitLocker Drive Encryption -- Understanding BitLocker Requirements -- Understanding Recovery Keys -- Using BitLocker To Go -- Chapter 11: Understanding Certificates and a PKI -- Understanding a Certificate -- Comparing Public and Private Keys -- Understanding Certificate Errors -- Viewing Certificate Properties -- Exploring the Components of a PKI -- Understanding the Certificate Chain -- Comparing Certificate Services -- Chapter 12: Understanding Internet Explorer Security -- Exploring Browser Settings -- Understanding IE Enhanced Security Configuration -- Selecting Cookies Settings -- Manipulating the Pop-up Blocker -- Using InPrivate Filtering and InPrivate Browsing -- Deleting Browser History -- Managing Add-ons -- Exploring Advanced Security Settings -- Comparing Security Zones -- Using IE Tools to Identify Malicious Websites -- Understanding the SmartScreen Filter -- Modifying Protected Mode -- Appendix A: Answers to Review Questions -- Chapter 1 -- Chapter 2 -- Chapter 3 -- Chapter 4 -- Chapter 5 -- Chapter 6 -- Chapter 7 -- Chapter 8 -- Chapter 9 -- Chapter 10 -- Chapter 11 -- Chapter 12 -- Appendix B: Microsoft's Certification Program -- Certification Objectives Map -- Index -- Appendix C: Answers to Additional Exercises -- Chapter 1.

Chapter 2 -- Chapter 3 -- Chapter 4 -- Chapter 5 -- Chapter 6 -- Chapter 7 -- Chapter 8 -- Chapter 9 -- Chapter 10 -- Chapter 11 -- Chapter 12 -- Appendix D: Optional Lab to Create a Virtual Environment -- Identifying the Requirements -- Configuring Windows 7 with Virtualization -- Locating and Downloading an Evaluation Copy of Windows Server 2008 -- Creating a Virtual Machine for Windows Server 2008 -- Installing Windows Server 2008 on a Virtual Machine -- Configuring Windows Server 2008 on a Virtual Machine -- Promoting Windows Server 2008 to a Domain Controller -- Applying Changes to the Domain Controller -- Glossary.