> Fee Download Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar

Fee Download Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar

If you get the printed book Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar in on the internet book store, you may likewise locate the exact same issue. So, you must relocate establishment to shop Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar and also search for the available there. But, it will certainly not occur here. The book Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar that we will offer here is the soft documents concept. This is just what make you can effortlessly locate as well as get this Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar by reading this website. Our company offer you Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar the best product, always and consistently.

Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar

Fee Download Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar

Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar. Reviewing makes you a lot better. Which says? Several smart words claim that by reading, your life will certainly be much better. Do you believe it? Yeah, show it. If you require the book Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar to read to confirm the sensible words, you can visit this web page flawlessly. This is the website that will provide all the books that most likely you require. Are guide's compilations that will make you feel interested to read? One of them right here is the Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar that we will recommend.

The reason of why you can obtain and also get this Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar earlier is that this is the book in soft documents form. You can check out the books Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar wherever you desire even you are in the bus, workplace, residence, and various other places. Yet, you might not have to move or bring guide Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar print anywhere you go. So, you will not have larger bag to bring. This is why your option to make much better concept of reading Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar is truly handy from this situation.

Recognizing the means how to get this book Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar is additionally important. You have actually been in appropriate site to begin getting this information. Get the Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar web link that we offer right here and see the link. You could get the book Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar or get it as quickly as possible. You can rapidly download this Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar after getting offer. So, when you require the book quickly, you can straight obtain it. It's so very easy therefore fats, right? You should choose to by doing this.

Merely connect your tool computer or gizmo to the web hooking up. Get the modern technology to make your downloading Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar completed. Also you do not want to review, you can straight shut guide soft data and open Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar it later on. You can likewise effortlessly get guide everywhere, since Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar it remains in your gizmo. Or when remaining in the office, this Microsoft® Windows® Security Resource Kit, By Ben Smith, Brian Komar is additionally suggested to check out in your computer system device.

Now fully updated and revised, this official Microsoft RESOURCE KIT delivers the in-depth information and tools you need to help protect your Windows-based clients, servers, networks, and Internet services. Security experts Ben Smith and Brian Komar, working in conjunction with the Microsoft Security Team, explain how core Windows security internals work and how to assess security threats and vulnerabilities, configure security features, monitor and respond to security events, and effectively apply security technologies and best practices. You’ll find new information on Microsoft Windows Server™ 2003 Service Pack 1, Windows XP Service Pack 2, and Microsoft Office 2003 Editions. And you’ll get essential tools, scripts, templates, and other key resources on the CD.

Get in-depth guidance on how to:

• Build security considerations into the design of Active Directory® objects, domains, and forests; manage user accounts and passwords; apply Group Policy
• NEW—Utilize the Security Configuration Wizard and Windows Update Services
• Configure TCP/IP and the Windows Firewall, and address the unique security risks of mobile computing and wireless networking
• Define security settings for domain controllers, IIS 5.0 and 6.0, Windows Terminal Services, and DNS, DHCP, WINS, RAS, and certificate servers
• NEW—Design an 802.1x authentication infrastructure
• NEW—Implement the security advances in Microsoft Office 2003 Editions, IIS 6.0, and the latest service packs
• Perform security assessments and respond to security incidents
• Manage security and privacy settings for Microsoft Office and Internet Explorer

CD features:

• 20+ tools and scripts, including:
• Placeholder script
• Xcacls.vbs—to script file and folder permissions
• EventcombMT.exe—to collect and search event logs from multiple computers through a GUI
• Microsoft Encyclopedia of Networking, Second Edition, eBook
• Microsoft Encyclopedia of Security eBook
• Bonus content from additional Microsoft Press® security books
• eBook of the complete RESOURCE KIT

A Note Regarding the CD or DVD

The print version of this book ships with a CD or DVD. For those customers purchasing one of the digital formats in which this book is available, we are pleased to offer the CD/DVD content as a free download via O'Reilly Media's Digital Distribution services. To download this content, please visit O'Reilly's web site, search for the title of this book to find its catalog page, and click on the link below the cover image (Examples, Companion Content, or Practice Files). Note that while we provide as much of the media content as we are able via free download, we are sometimes limited by licensing restrictions. Please direct any questions or concerns to booktech@oreilly.com.

• Sales Rank: #2443954 in Books
• Published on: 2005-04-27
• Original language: English
• Number of items: 1
• Dimensions: 9.00" h x 1.93" w x 7.38" l,
• Binding: Paperback
• 752 pages

About the Author

p>Ben Smith is a senior security strategist at Microsoft, where he works on developing the company's long-term security strategy. Prior to joining the Microsoft Security Strategies team, he was the lead subject matter expert on security for Microsoft Training & Certification. In addition to being a featured speaker at IT industry conferences, Ben recently consulted with the U.S. National Science Foundation on creating methods for preparing a cyber security workforce. Ben is also the chair of the vendor-neutral security certification, CompTIA Security+. He is a Microsoft Certified Systems Engineer (MCSE), Microsoft Certified Trainer (MCT), Certified Information Systems Security Professional (CISSP), and a Cisco Certified Network Associate (CCNA). Ben lives near Redmond, Washington, with his wife Beth Boatright.

Brian Komar is the owner and principal consultant for Komar Consulting, Inc., a consulting firm specializing in network security and Public Key Infrastructure (PKI). Brian partners with Microsoft on several ventures, which include developing security-related courseware for Microsoft Training & Certification, authoring material for Microsoft Prescriptive Architecture Guides, and writing PKI white papers for the Microsoft Security team. Brian is a frequent speaker at IT industry conferences such as Microsoft Tech Ed, MCP TechMentor, and Windows & .NET Magazine Connections. Brian lives in Winnipeg, Canada, with his wife Krista Kunz.

Most helpful customer reviews

31 of 31 people found the following review helpful.
Great security info and not just for administrators
By Steven L. Umbach
The Windows Security Resource Kit is a wonderful wealth of information on securing Windows networks and operating systems. It is useful for anyone above the beginner level. It concentrates on using features of primarily Windows 2000 and XP to maximize security for various levels of needs. It is not about building a bastion host or configuring firewalls.
It is not a "cookbook" like too many training manuals are these days and is not full of fluff - it covers a lot of territory in it's 680 pages and is not geared for technogeeks, but is clearly written and understandable to the average Joe and Jane [except page 349]. The first two chapters put you in the security "mindset" - Key Principles of Security [including the Ten Immutable Laws of Security] and Understanding Your Enemy. I think that is very important, because security needs to be approached from an attitude about what you are up against and how only one vulnerability can sink your boat.
The next twenty three chapters are logically divided into security topics that can later be accessed easily as needed for reference purposes. Each chapter ends with best pratices recap and references to other books or Knowledge Base articles.
I thought the "meat" of the book was thorough, interesting, and accurate. Finally I have one place to go for an explaination of what ALL the user rights, security options, and services are. There is an excellent chapter on securing tcp/ip with specific recommendations on registry modifications to defend against a denial of service attack and even a .vbs script on the cdrom to implement them all. An equally excellent chapter on auditing including comprehensive tables explaining Event Ids and Event ID 681 failure codes. I finally know what the difference is between auditing account log on and log on events. Chapter 10 goes into great detail about ALL of the various settings in the Web Content Zones for Internet Explorer and how to configure them for your needs. Cookie/Privacy settings are also explained in detail. Chapter 7 includes specific recommendations on ntfs security settings for every folder in a new installation and a security template to implement them. I was impressed with Chapter 21 in that it shows you how to secure an IIS 5.0 server without having to be an IIS expert. Chapters 22 and 23 nicely explain patch management, Windows Update, using Microsoft Baseline Security Analyzer tool, and using SUS for patch management on a large scale basis. The chapter on remote access and vpn explains the differences in pptp and l2tp and when to use each. Other chapters cover securing Terminal Services, authentication - various settings for Lan Manager authentication level, managing security templates/Security Configuration and Analysis tool, wireless networking/WEP, EFS [ten pages of crucial info], ipsec, Certificate Services, Group Policy, Active Directory [I now know how to use dsacls to reset object permissions to default], securing laptops [very informative], permissions, account/password policies, and managing users. Chapter 24 covers using security assessment tools including how to port scan and a extensive chart of common Windows ports and what applications use them.
Part VI of the book breaks away from Windows specific configurations and is called Planning and Performing Security Assessments and Incident Responses. It discusses vulnerability scanning, penetration testing, and security audits. This part is also extremely informative to those of us who are not trained in what to do after an incident - what to do when an intrusion is detected, who to inform , and most importantly how to preserve data in the event of criminal prosecution or to reconstruct the attack. The last chapter goes into privacy issues that one needs to know as how far can one go in gathering information from a legal standpoint.
Windows Security Resource kit is a very valuable resource in my opinion to anyone interested in securing a Windows computer or network. The writing style is very understandable and you do not have to read the whole book for it to make sense if only certain topics are of interest. It does not however go into too much detail on importance of virus/trojan protection or perimiter/firewall security but there are whole other books written on those topics. The included cdrom has many tools from the Resource Kit and the book itself. I also highly recommend it to anyone studying for their MCSE and consider it a "must have" for anyone planning to take any of the MCSE security exams or pursue the MCSE Security certification. Kudos to Microsoft Press for this one.

20 of 21 people found the following review helpful.
Terrific update to excellent security guide!
By Steven L. Umbach
I have previously done a review of the First Edition of the Microsoft Windows Security Resource Kit which I was very impressed with. All what I said for that book still applies. The first book applied to Windows 2000 and XP Pro. Since then there has been a major upgrade for XP in SP2 and the introduction of Windows 2003 which the Second Edition covers. As with the first book this edition is great for anyone that wants to learn how to secure their Windows 2000/2003/XP Pro operating systems/networks and is geared mostly to administrator types though anyone with such interest including power users will find it extremely helpful.

In just under 700 pages no book can be all inclusive about Windows security. The Windows Security Resource Kit goes into detail on many commonly implemented topics like password/account policy and on others it shows you the basics of what is possible and then refers you to online documantation/white papers if you are interested in a full implementaion which keeps the book affordable, readable, and under 10,000 pages. For example there is a full chapter 25 with detailed instruction on how to implement 802.1X security for wired and wireless networks. For Software Restriction Policies there are three pages but that is enough to make a user aware of what SRP is, how it can help you prevent users from installing and running unathorized applications, and the basics of how to implement it. As a MCSE in Windows 2003:Security and a common newsgroup participant I am often amazed at the number of admnistrators that are not aware of many the security features of Windows 2000/2003/XP Pro such as SRP or in particular ipsec. They would benefit tremendously from this book.

The two chapters on privacy were dropped and more room is devoted to W2003/XP Pro. Though a lot of the content is the same as the previous version much as been revised or added. Below are some that I considered of note though my list is not all inclusive of changes.

CH3. A much better table with descriptions of well known sids.
CH8. Using EFS with Webdav to keep files encrypted on the network and sharing of EFS files.
CH9. Full list AND description of all services for Windows 2000/2003/XP Pro.
CH10. Windows firewall including how to configure for scope and exceptions, using Group Policy or scripted intstallations using netfw.inf. Improvements for ipsec in Windows 2003 including default exemption handling.
CH.11 Group Policy for wireless networks and Software Restriction Policies.
CH.12 Interet Explore securtiy and pop up blocker.
CH.15 One of my favorite chapters on auditing. Includes tables with listing of more Event ID's for object access and policy change.
CH.17 Listed specific service recommendations for domain controllers for both Windows 2000/2003 and also listed a recommended ipsec filter for securing a domain controller.
CH.19 Much is changed in 2003 Terminal Servies. - Use of Software Restriction Policies, smart card logon, and SSL for TS with SP1.
CH.22 For RRAS a big change is the cability of remote access quarantine control. A step by step is given with a link to sample scripts to use or modify.
CH.23 Implementation of role separation for certificate authorities.
CH.24 IIS 6.0 is disussed with it's security capabilities such as default install state, Automatic Health Monitoring, and the all important Application Isolation.
Ch.25 A whole step by step chapter on 802.1X for wired and wireless networks including Remote Access Policies, IAS, and deploying user and computer certificates. 802.1X can greatly increase security of WEP by using dynamic wep and forcing key renewal if you still have to use WEP.
CH.27 Briefy discusses Windows Update Services and its advantages.
CH.29 How to install and use the Windows 2003 SP1 Security Configuration Wizard to help select a computer profile for "hardening" to disable uneeded servces, configure audit policy, and use ipsec filters to block uneeded ports! In my opinion this is a tremendous tool that also has a rollback capability. New features of netstat are shown [note that netstat -b can be used to show executeable to port use though not covered in the book]. Two extremely helpful new tools - portquery and port reporter.
CH.31 Great table on using built in and third party tools to capture state of the computer for incident response investigation. I am surprised however that msinfo32 was not mentioned as you can use it to generate a very useful report to a .nfo file.

There is much discussion throughout the book on use of ipsec to protect your network with either ESP/AH encryption/integrity or the use of an ipsec "filter" policy to manage access to computer ports. Included are examples of ipsec filters for domain controller, wins, and DHCP. As much as I like the book I disagree with the recommendation on pages 375-376 on implementing ipsec for the domain by implementing a client/respond policy for the domain and then a server require ipsec policy for the domain controller container. Refer to KB254949 for more details and be sure to throughly test and ipsec policies on a test domain before implementing. Poorly planned ipsec implementation can cause havoc on a domain. I highly recommend that you read the white paper on Improving Security with Domain Isolation to see ipsec can do to protect your domain with the proper ipsec policies.

All in all I still believe that the Microsoft Windows Security Resource Book is a top notch book for anyone to own who wants to learn how to maximize security on their computer or network within their risk manangement paramaters. The changes in Windows XP Pro SP2 and more so Windows 2003 are very significant. If you already own the First Edtition but have upgraded to Windows 2003 or want to learn more about how Windows 2003 can improve your security then this book is for you.

4 of 4 people found the following review helpful.
Handy security reference manual to have around.
By Michael J Woznicki
Recently I passed the 70-214 exam, Security in a Windows 2000 Network Environment, I had very little resources to work with in my studies. What I could have used is this book which makes the perfect companion to Microsoft Press 70-214 Study guide.

The text is written to a specific exam, but rather to a specific topic, security and securing your network. The book works with Windows 2000 and XP network environments and gives you extensive coverage of the security settings you may need to implement on your network.

The authors created a 650 plus page text, which covers everything from passwords and group policies to terminal services and remote access security. I found some very and highly useful information, I really like chapter 2, Understanding Your Enemy.

Included with the book is a cdrom with over 50 utilities you can use for finding security leaks, holes and other risks. One tool I think needs to be added is the MBSA utility and this can be added in future updates.

Overall if you are looking to find ways to make you network more secure than this book is for you. Also whether you are new to the security arena or an old timer you can certainly learn something new.

See all 19 customer reviews...

Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar PDF
Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar EPub
Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar Doc
Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar iBooks
Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar rtf
Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar Mobipocket
Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar Kindle

> Fee Download Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar Doc

> Fee Download Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar Doc

> Fee Download Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar Doc

> Fee Download Microsoft® Windows® Security Resource Kit, by Ben Smith, Brian Komar Doc