Getting Started with Windows Server Security
About this ebook
- Learn how to identify and mitigate security risks in your Microsoft Server infrastructure
- Develop a proactive approach to common security threats to prevent sensitive data leakage and unauthorized access
- Step-by-step tutorial that provides real-world scenarios and security solutions
If you are a security or Windows Server administrator wanting to learn or advance your knowledge in Microsoft security and secure your Windows Server infrastructure effectively, this book is for you.
Getting Started with Windows Server Security - Santhosh Sivarajan
Table of Contents
Getting Started with Windows Server Security
Credits
About the Author
Acknowledgments
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Instant updates on new Packt books
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Errata
Piracy
Questions
1. Operating System and Baseline Security
Microsoft Windows Server
Baseline and security
Security Configuration Wizard
Translating your policy into a technical policy
Creating a policy template
Policy review and validation
Policy implementation
Analyzing the result and troubleshooting
A backup or rollback plan
Summary
2. Native MS Security Tools and Configuration
Microsoft SCM
Installing Microsoft SCM
Administering Microsoft SCM
Creating and implementing security policies
Exporting GPO from Active Directory
Importing GPO into SCM
Merging imported GPO with the SCM baseline policy
Exporting the SCM baseline policy
Importing a policy into Active Directory
Maintaining and monitoring the integrity of a baseline policy
Microsoft ASA
Application control and management
AppLocker
Creating a policy
Auditing a policy
Implementing the policy
AppLocker and PowerShell
Summary
3. Server Roles and Protocols
Server types and roles
Managing servers using Server Manager
Monitoring and securing server roles
Creating a server role baseline report
Analyzing production servers
Server Message Block
Configuring and implementing SMB
Identifying the client and server operating system
Verifying the current SMB configuration
Enabling or disabling the SMB encryption
Verifying SMB communication
Summary
4. Application Security
File or data server
Applying baseline security
The access mechanism
Data protection
Removing unwanted shares
Data encryption using BitLocker encryption
Installing BitLocker
Verifying the encryption status
Encrypting data volume
Managing BitLocker volume
Print server
Applying baseline security
The print server role security
Print server access mechanisms
The printer driver security and installation
Print server and share permissions
Hyper-V servers
Applying baseline security
Securing the access mechanism
Guard protection
Enabling the guard protection
Encrypting Hyper-V host servers
Internet Information Services
Applying baseline security
Securing web server components
Securing the access mechanisms
Adding dynamic IP restrictions
Summary
5. Network Service Security
Baseline policies
Read-only Domain Controllers
Installing RODCs
Configuring RODCs
Domain Name System
Applying a DNS baseline policy
Enabling Scavenging on a DNS server
Enabling Scavenging on a DNS zone
Securing DNS dynamic updates
Cache poisoning attacks
Dynamic Host Configuration Protocol
Applying a DHCP baseline policy
Controlling and segregating IP address allocation
Configuring PBA
Securing DHCP administration
IP address and DNS management and monitoring
Service accounts
Group Managed Service Accounts
Creating a KDS root key
Creating Group Managed Service Accounts
Installing Group Managed Service Accounts
Configuring Group Managed Service Accounts
Enhanced Mitigation Experience Toolkit
Installing Enhanced Mitigation Experience Toolkit
Configuring Enhanced Mitigation Experience Toolkit
Summary
6. Access Control
Dynamic Access Control
Enabling the KDC support
Creating claim types
Creating and enabling resource properties
Creating a central access rule
Creating a central access policy
Deploying a central access policy
Configuring folder permissions on a file server
Verifying the access control configuration and permission
Summary
7. Patch Management
Microsoft Windows Server Update Services
Installing the WSUS web role
Configuring WSUS
Configuring and deploying automatic updates
Administering WSUS
Creating groups
Managing updates
Managing the group membership
Summary
8. Auditing and Monitoring
Auditing
Default auditing policies
Enabling Global Object Access Auditing – filesystem
Enabling Global Object Access Auditing – directory services
Event forwarding
Configuring the source computer
Configuring the target (collector) computer
Troubleshooting event forwarding
Monitoring
Microsoft Best Practice Analyzer
Monitoring the performance
Summary
Index
Getting Started with Windows Server Security
Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: February 2015
Production reference: 1210215
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78439-872-9
www.packtpub.com
Credits
Author
Santhosh Sivarajan
Reviewers
Jack Cobben
Yuri Diogenes
Richard Diver
Richard M. Hicks
Commissioning Editor
Kunal Parikh
Acquisition Editor
Rebecca Youé
Content Development Editor
Shweta Pant
Technical Editor
Tanvi Bhatt
Copy Editors
Shivangi Chaturvedi
Adithi Shetty
Project Coordinator
Shipra Chawhan
Proofreaders
Maria Gould
Paul Hindle
Chris Smith
Indexer
Mariammal Chettiyar
Graphics
Abhinash Sahu
Production Coordinator
Melwyn D'sa
Cover Work
Melwyn D'sa
About the Author
Santhosh Sivarajan is a recognized subject matter expert in the Microsoft technology arena. He has extensive experience in designing, migrating, developing, and implementing enterprise solutions using Microsoft products and technologies. He holds a master's degree in computer information systems from the University of Houston, Texas. His certifications include MCITP, MCTS, MCSE, MCSA, Network+, CCNA, ITIL, and many more. He is also a certified migration expert in Quest Migration Manager products.
His blog (http://blogs.sivarajan.com) and SS Technology Forum (http://www.sivarajan.com/forum) are well known in the industry for providing free technical information and support. You can follow Santhosh on Twitter via @santhosh_sivara.
He is the author of the book Migration from Windows Server 2008 to Windows Server 2012, Packt Publishing. He has also published hundreds of articles on various technology sites.
Microsoft has recognized Santhosh with the Microsoft Most Valuable Professional (MVP) award multiple times for his exceptional contribution to the technical community. He lives in Sugarland, Texas, with his wife, Anjali, who is also an IT professional, and their 3-year-old daughter, Gayathri.
Acknowledgments
First and foremost, I would like to thank God for giving me the power to believe in myself and pursue my dreams.
My IT enterprise journey started from Camp Doha with the US Army (now known as Camp Arifjan) in Kuwait. The support and encouragement from the ADPE group and other army personnel at Camp Doha helped me start my career with a strong foundation. I am dedicating this book to my old friends and colleagues in Camp Doha.
Of course, I could not have completed this book without the support and encouragement of my family, especially my wife, Anjali, and my daughter, Gayathri, for giving up some of our time together so that I could share my ideas through this book.
I am grateful to all my friends and colleagues for their support throughout my career. A special thanks to my Microsoft MVP friends for listening to me and supporting my ideas. A special thanks to the book reviewers, Yuri Diogenes, Richard Hicks, Richard Diver, and Jack Cobben, for providing their constructive criticism and feedback. I would also like to express my gratitude and thanks to the entire Packt Publishing team for this opportunity and their support throughout this process.
About the Reviewers
Jack Cobben is no stranger to the challenges enterprises can experience when managing large deployments of Windows systems and Citrix implementations, with over 13 years of systems management experience. In his free time, he writes for his own blog, www.jackcobben.nl, and is active on Citrix support forums. He loves to test new software and share his knowledge in any way he can. You can follow him on Twitter via @jackcobben.
Jack has reviewed several other books such as Citrix XenDesktop 7 Cookbook, Getting Started with Citrix Provisioning Services 7.0, Getting Started with XenDesktop 7.x, and other titles for Packt Publishing.
A big thanks to my wife and twins for letting me have the time to review this book.
While he works for Citrix, Citrix didn't help with, or support, this book in any way or form.
Yuri Diogenes has a master's degree in cyber security, specializing in cyber intel and forensics investigation from UTICA College and an MBA from FGV (Brazil). He is also certified in CISSP, CASP, E|CEH, E|CSA, CompTIA, Security+, CompTIA Cloud Essentials Certified, CompTIA Network+, CompTIA Cloud+, CompTIA Mobility+, Azure Specialist, MCSE, and MCTS. Yuri is a senior member of the ISSA Fort Worth/TX chapter, a member of CSA Brazil, and a speaker at Hacker Halted, TechEd US, TechEd Europe, and TechEd Brazil. He is also a coauthor of Windows Server 2012 Security from End to Edge and Beyond from Syngress, Microsoft Forefront Threat Management Gateway (TMG) Administrator's Companion by Microsoft Press, as well as three other books about Forefront (UAG, TMG, and FPE) by Microsoft Press, and a cloud essentials certification book and security+ book (both in Portuguese) by Novaterra Publisher. You can follow Yuri on Twitter via @yuridiogenes.
I would like to thank the Packt Publishing team for the opportunity to partner in this project, the author of this book for taking my feedback and addressing it, and to my wife, Alexsandra, and daughters, Yanne and Ysis, for always supporting me. Love you!
Richard Diver is a solutions architect with 15 years of experience across multiple industries and technologies, with a focus on Microsoft infrastructure, mobility, and identity management solutions. His previous book contributions include topics such as Sysinternals Tools, Windows Intune, and Office 365.
Richard M. Hicks (MCP, MCSE, MCTS, and MCITP Enterprise Administrator) is a network and information security expert specializing in Microsoft technologies. As a six-time Microsoft Most Valuable Professional (MVP) in the Enterprise Security discipline, he has traveled around the world, speaking to network engineers, security administrators, and IT professionals about Microsoft edge security and remote access solutions.
Richard has nearly two decades of experience working in large-scale corporate computing environments and has designed and deployed perimeter defense and secure remote access solutions for some of the largest companies in the world. He blogs extensively about Microsoft edge security and remote access solutions and is a contributing author at popular sites such as CloudComputingAdmin.com, WindowsSecurity.com, ISAserver.org, and the Petri IT Knowledgebase. In addition, he is a Pluralsight author and has served as the technical reviewer on several Windows Server and network security books.
Richard is the technical services director for Celestix Networks, a Microsoft OEM partner developing Microsoft-based edge security and remote access solutions. He's an avid fan of Major League Baseball, in particular, the Los Angeles Angels (of Anaheim!) and also enjoys craft beer and single malt Scotch whisky. He was born and raised in beautiful, sunny Southern California. He still resides there with Anne, the love of his life and wife of 27 years, along with their four children. You can keep up with Richard by visiting http://www.richardhicks.com/.
www.PacktPub.com
Support files, eBooks, discount offers, and more
For support files and downloads related to your book, please visit www.PacktPub.com.
Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as