Security for Microsoft Windows System Administrators

Size: px

Start display at page:

Download "Security for Microsoft Windows System Administrators"

Randolf Murphy
5 years ago
Views:

1 Security for Microsoft Windows System Administrators

3 Security for Microsoft Windows System Administrators Introduction to Key Information Security Concepts Derrick Rountree Rodney Buike, Technical Editor AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO SAN FRANCISCO SINGAPORE SYDNEY TOKYO Syngress is an imprint of Elsevier SYNGRESS

4 Acquiring Editor: Angelina Ward Development Editor: Heather Scherer Project Manager: Paul Gottehrer Designer: Alisa Andreola Syngress is an imprint of Elsevier 30 Corporate Drive, Suite 400, Burlington, MA 01803, USA 2011 Elsevier, Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. Library of Congress Cataloging-in-Publication Data Application submitted British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library. ISBN: Printed in the United States of America Typeset by: diacritech, Chennai, India For information on all Syngress publications visit our website at

5 Dedication This book is dedicated to my daughter Riley, my grandmother Rosa, and my great grandmother Mary.

7 CONTENTS vii CONTENTS Acknowledgments ix About the Author xi Chapter 1 Introduction to General Security Concepts Principles of Information Security Information Security Standards, Regulations, and Compliance Authentication, Authorization, and Accounting (AAA) Access Control Summary Chapter 2 Cryptography Basic Cryptography Concepts PKI Concepts Implementing PKI and Certificate Management Summary Chapter 3 Network Security General Network Concepts and Vulnerabilities Network Services and Network Devices Internet Security and Vulnerabilities Network Security Tools and Devices Summary Chapter 4 System Security General System Security Threats Hardware and Peripheral Devices OS and Application Security Virtualization System-Based Security Applications Summary Chapter 5 Organizational and Operational Security Physical Security Concepts and Vulnerabilities Policies and Procedures

8 viii CONTENTS Risk Analysis Business Continuity and Disaster Recovery Summary Chapter 6 Security Assessments and Audits Vulnerability Assessments and Testing Monitoring Logging and Auditing Summary Appendix A: Common Applications and Port Numbers Appendix B: Information Security Professional Certifications Index

9 ACKNOWLEDGMENTS ix Acknowledgments First, I would like to thank my wife Michelle. We are heading down the new road of parenthood together. It s both exciting and a little bit scary. I would like to thank my mother Claudine, my sister Kanesha, and my grandmother Lugenia. Thank you for being there for me. I would also like to thank my two best friends Carrie and Fela. The two of you have shown me what true friendship is. You ve also served as examples of persistence and dedication. Because of you, I know the road may be long, but if you stick with it, eventually you will get to your destination. I love you all. Finally, I would like to thank the Elsevier staff, especially Angelina Ward, Senior Acquisitions Editor and Heather Scherer, Developmental Editor. It has truly been a pleasure working with you.

11 ABOUT THE AUTHOR xi About the Author Derrick Rountree (CISSP, Security +, MCSE, MCSA) has been in the IT field for over 16 years. He has a Bachelors of Science in Electrical Engineering. Derrick has held positions as a network administrator, IT consultant, and QA engineer. He has experience in network security, operating system security, application security, and secure software development. Derrick has contributed to several other Syngress and Elsevier publications on Citrix, Microsoft, and Cisco technologies. Tech Editor Rodney Buike (MCSE) is an IT pro advisor with Microsoft Canada. As an IT pro advisor, Rodney spends his day helping IT professionals in Canada with issues and challenges they face in their environment and careers. He also advocates for a stronger community presence and shares knowledge through blogging, podcasts, and in-person events. Rodney s specialties include Exchange Server, virtualization, and core infrastructure technologies on the Windows platform. Rodney worked as a LAN administrator, system engineer, and consultant and has acted as a reviewer on many popular technical books. Rodney is also the founder and principal content provider for Thelazyadmin.com and a former author for MSExchange.org.

HTML5 MOBILE WEBSITES

HTML5 MOBILE WEBSITES HTML5 MOBILE WEBSITES TURBOCHARGING HTML5 WITH jquery MOBILE, SENCHA TOUCH, AND OTHER FRAMEWORKS MATTHEW DAVID AMSTERDAM BOSTON HEIDELBERG LONDON NEW YORK OXFORD PARIS SAN DIEGO