did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

did-you-know? rent-now

Amazon no longer offers textbook rentals. We do!

We're the #1 textbook rental company. Let us show you why.

9780470101551

WindowsTM Vista Security: Securing Vista Against Malicious Attacks

by ;
  • ISBN13:

    9780470101551

  • ISBN10:

    0470101555

  • Format: Paperback
  • Copyright: 2007-07-01
  • Publisher: Wiley
  • Purchase Benefits
  • Free Shipping Icon Free Shipping On Orders Over $35!
    Your order must be $35 or more to qualify for free economy shipping. Bulk sales, PO's, Marketplace items, eBooks and apparel do not qualify for this offer.
  • eCampus.com Logo Get Rewarded for Ordering Your Textbooks! Enroll Now
  • Write a Review Icon Write a Review
List Price: $44.99
We're Sorry.
No Options Available at This Time.

Summary

Written by two veteran Windows security experts-one a Microsoft Security MVP and Foundstone Security Consultant, and the other a former senior member of Microsoft's Security Engineering Team-this essential resource prepares end users and technical administrators to handle various security problems that exist in Windows Vista as well as possible future threats. Offering in-depth coverage of all significant new security technologies in Windows Vista, this book addresses User Account Control, the new Firewall, Internet Explorer 7.0, Windows Defender, Service Hardening, and BitLocker.

Author Biography

Roger A. Grimes, CPA, CISSP, four-time MVP, is a 20-year industry veteran and author of seven books and over 200 articles on Windows security. Currently working for Microsoft as an ACE Team senior security consultant, Roger previously taught Windows and Linux security for Foundstone and is a highly requested industry speaker.

Jesper M. Johansson is currently working on application security and developer security training on large software projects. Prior to his current work he was a senior security strategist at Microsoft Corporation and is a well known authority on Windows operating system security. He holds a Ph.D. in Management Information Systems.

Table of Contents

Forewordp. xxvii
Acknowledgmentsp. xxxi
Introductionp. xxxiii
Introducing Windows Vistap. 1
New Security Featuresp. 3
Security Development Lifecyclep. 3
Improved C++ Securityp. 4
Address Space Layout Randomizationp. 5
Data Execution Protectionp. 6
Protected Processesp. 7
Windows Vista User Experiencep. 7
Host-Based Securityp. 8
Boot Changesp. 8
Boot Configuration Datap. 8
System Recoveryp. 10
Startup Repair Toolp. 11
BitLocker Drive Encryption and TPMp. 11
Security Defaultsp. 12
Windows Defenderp. 13
Malicious Software Removal Toolp. 13
Improved Logon Architecturep. 14
LAN Manager Disabledp. 14
Better Support for Additional Authentication Methodsp. 14
Session Isolationp. 16
Service Hardeningp. 17
Enhanced Device Driver Experiencep. 18
User-Mode Driver Frameworkp. 19
Portable Media Device Controlp. 19
ReadyBoost Memoryp. 19
User Account Controlp. 20
Secure Desktopp. 21
Mandatory Integrity Controlp. 22
Improved File, Folder, and Registry Protectionp. 23
NTFS Changesp. 23
Creator Owners Can Be Prevented from Having Full Controlp. 24
Per Socket Permissionsp. 24
New Built-in Users and Groupsp. 24
File and Registry Virtualizationp. 25
Windows Resource Protectionp. 25
Encryption Enhancementsp. 26
EFS Enhancementsp. 27
RMS-Integrated Clientp. 27
Unix on Windowsp. 28
Improved Patch Managementp. 28
Hot Patching and Restart Managerp. 28
Improved Event Logsp. 28
Subscription and Forwarded Eventsp. 29
Task Managerp. 30
Increased Emphasis on Backupp. 31
Securing E-mail and the Internetp. 31
Windows Mailp. 31
Internet Explorerp. 32
IIS 7p. 34
Securing Windows Networksp. 34
Enhanced Network Location Awarenessp. 35
Network Mapp. 35
The Rebuilt TCP/IP Stack with IPv6p. 36
Routing Compartmentalizationp. 36
Windows Firewallp. 36
Domain Isolationp. 36
Improved Wireless Securityp. 37
New Peer-to-Peer Networkingp. 37
SMB 2.0p. 38
Group Policyp. 38
64-bit Only Improvementsp. 39
Future Improvementsp. 40
Summaryp. 40
Best Practicesp. 42
How Hackers Attackp. 43
Malicious Exploitationp. 43
Eight Exploitation Techniquesp. 43
Logon Credential Guessing/Crackingp. 44
Password Guessingp. 44
Buffer Overflowp. 51
Metasploit Frameworkp. 53
OS or Application Vulnerabilityp. 54
Privilege Escalationp. 54
Information Disclosurep. 55
Data Malformationp. 55
Unintended Consequencesp. 56
OS or Application Misconfigurationp. 56
Eavesdropping/Man-in-the-Middle Attackp. 57
Denial of Service Attackp. 57
Client-Side Attackp. 58
Social Engineeringp. 59
Dedicated Hacker Methodologyp. 60
Automated Malwarep. 62
Computer Virusp. 62
Computer Wormp. 62
Trojan Horse Programp. 62
Botp. 63
Spywarep. 64
Adwarep. 64
Where Windows Malware Hidesp. 65
Why Malicious Hackers Hackp. 70
Summaryp. 71
Windows Infrastructurep. 73
Boot Sequencep. 74
Boot Viruses No Longer a Threatp. 76
BitLocker Volume Encryptionp. 76
Enabling TPM and BitLockerp. 80
Post-Boot Startupp. 87
Applying Security Policyp. 88
Name Resolutionp. 89
NetBIOS Name Resolution Is Often Requiredp. 90
User Profilesp. 90
Servicesp. 92
Services You Need To Understandp. 94
Svchostp. 94
RPCp. 95
SMB/CIFSp. 97
Computer Browser, Workstation, and Server Servicep. 98
Autorun Programsp. 99
Registryp. 101
Registry Structurep. 101
HKey_Local_Machine Hivep. 102
HKey_Classes_Rootp. 103
HKey_Current_Usersp. 107
HKey_Usersp. 107
HK_Current Configp. 107
Logon Authenticationp. 108
Identityp. 108
Authenticationp. 109
Computer Accountsp. 109
Password Storagep. 110
Authentication Protocolsp. 110
SAM Versus Active Directoryp. 112
Cache Credentialsp. 113
Access Controlp. 114
Share Versus NTFS Permissionsp. 115
Impersonation Versus Delegationp. 115
Integrity Controlsp. 116
Summaryp. 117
Host-Based Securityp. 119
User Account Controlp. 121
Introductionp. 121
Basicsp. 123
Security Identifiersp. 124
Security Tokenp. 125
The Case for Least Privilegep. 128
Admins Are Omnipotentp. 129
User Account Control Is More Than You Thinkp. 129
Elevationp. 130
Non-Admin Elevationp. 137
Special Topics in Elevationp. 139
New Privileges to Delegate Common Tasksp. 140
Application Factoringp. 143
Virtualizationp. 145
Integrity Labels and Low Rights Appsp. 146
Special Treatment of Built-in Administratorp. 146
No More Power Usersp. 147
UAC and Remote Accessp. 148
SMB Accessp. 148
Remote Desktop and Remote Assistancep. 148
UAC Policy Configurationp. 150
User Account Control: AdminApproval Mode for the Built-in Administrator Accountp. 150
User Account Control: Behavior of the Elevation Prompt for Administrators in Admin Approval Modep. 150
User Account Control: Behavior of the Elevation Prompt for Standard Usersp. 150
User Account Control: Detect Application Installations and Prompt for Elevationp. 151
User Account Control: Only Elevate Executables that Are Signed and Validatedp. 151
User Account Control: Only Elevate UIAccess Applications that Are Installed in Secure Locationsp. 152
User Account Control: Run All Administrators in Admin Approval Modep. 152
User Account Control: Switch to the Secure Desktop when Prompting for Elevationp. 152
User Account Control: Virtualize File and Registry Write Failures to Per-User Locationsp. 152
Frequently Asked Questions About UACp. 153
Why Can't I Access My Files?p. 153
Why Can't I Delete Stuff If I Elevate Windows Explorer?p. 154
How Do I Disable UAC?p. 156
What Happens If I Turn Off UAC?p. 157
What Access Do Low Processes Have to High Processes?p. 157
Why Does the Screen Have to Go Black?p. 158
I Don't Need UAC; Can I Just Enable It for Other Users?p. 159
What About Remote Access?p. 160
Why Isn't UAC More Like Sudo?p. 160
How Do I Audit Elevation?p. 162
Leveraging User Account Control in Applicationsp. 164
Application Manifestsp. 165
Elevating Installersp. 166
Elevating in Scriptsp. 166
The Elevate Toolp. 166
Elevated Command Promptp. 166
Summaryp. 168
Best Practicesp. 168
Managing Access Controlp. 171
Access Control Terminologyp. 172
Securable Objectp. 172
Access Control Listp. 173
Security Descriptorp. 173
Access Control List Entryp. 174
ACL Representationsp. 174
Inheritancep. 174
How an Access Control List Is Usedp. 175
Major Access Control List Changes in Vistap. 178
Least Privilegep. 179
New and Modified Users and Groupsp. 179
Administrator - Disabled By Defaultp. 180
Power Users Permissions Removedp. 180
Trusted Installerp. 181
Help and Support Accounts Removedp. 181
New Network Location SIDsp. 181
OWNER_RIGHT and Owner Rightsp. 182
Default ACLsp. 183
Trusted Installerp. 184
Deny ACEsp. 184
Default Permissionsp. 186
Share Securityp. 189
Changes to Tokenp. 189
Integrity Levelsp. 190
Tools to Manage Access Control Listsp. 190
Cacls and Icaclsp. 191
Save ACLsp. 191
Restore ACLsp. 192
Substitute SIDsp. 193
Change Ownerp. 194
Find All Aces Granted to a Particular Userp. 195
Resetting ACLsp. 195
Grant/Deny/Removep. 195
Set Integrity Levelp. 196
ACL UIp. 197
Other Toolsp. 199
Registry ACLsp. 199
Summaryp. 201
Best Practicesp. 201
Application Securityp. 203
Client Securityp. 203
Service Hardeningp. 204
Service SIDp. 204
Services Running with Less Privilegep. 205
Reduction of Privileges in Servicesp. 205
Write Restricted Tokensp. 207
Firewall Policies Restricting Servicesp. 207
Named Pipes Hardeningp. 207
Windows Resource Protectionp. 209
Session 0 Isolationp. 210
Sessionsp. 210
Window Stationsp. 211
Desktopsp. 211
Why Session Isolation Is Neededp. 211
How Session 0 Isolation Worksp. 212
Reducing the Footprintp. 213
No Longer Installed by Defaultp. 214
Gone Altogetherp. 214
Added Insteadp. 215
It Should Have Been Gonep. 215
Restart Managerp. 216
ActiveX Installer Servicep. 218
Antivirusp. 220
Desktop Optimization Packp. 221
Summaryp. 222
Best Practicesp. 222
Vista Client Protectionp. 225
Popularity of Client-Side Attacksp. 225
Malicious Software Removal Toolp. 226
Security Centerp. 230
Windows Defenderp. 231
Windows Live OneCarep. 238
Microsoft Forefront Client Securityp. 239
Should Microsoft Be in the Anti-Malware Business?p. 239
Summaryp. 241
Best Practicesp. 241
Securing Internet and E-mail Accessp. 243
Securing Internet Explorerp. 245
Should You Use Another Browser?p. 245
New IE 7.0 Security Featuresp. 248
Protected Modep. 248
New Low Integrity Folders and Registry Keysp. 250
IE Compatibility Shimsp. 251
Protected Mode's Impact on Malware and Hackersp. 253
Anti-Phishing Filterp. 254
Add-on Managementp. 256
Improved ActiveX Control Handlingp. 257
Improved Digital Certificate Handling and Encryptionp. 257
Improved URL Handling Protectionsp. 258
CardSpacep. 259
Internet Explorer Security Settingsp. 260
Security Zonesp. 260
Local Computer Zonep. 260
Internet Site Zonep. 261
Local Intranet Zonep. 262
Trusted Sites Zonep. 263
Restricted Sites Zonep. 263
Zone Security Settingsp. 264
.NET Framework - Loose XAMLp. 264
.NET Framework - XAML Browser Applicationsp. 264
.NET Framework - XPS Documentsp. 264
.NET Framework-Reliant Components - Run Components Not Signed with Authenticodep. 265
.NET Framework-Reliant Components - Run Components Signed with Authenticodep. 265
ActiveX Controls and Plug-Ins - Allow Previously Unused ActiveX Controls to Run Without Promptingp. 265
ActiveX Controls and Plug-Ins - Allow Scriptletsp. 266
ActiveX Controls and Plug-Ins - Automatic Prompting for ActiveX Controlsp. 266
ActiveX Controls and Plug-Ins - Binary and Script Behaviorsp. 266
ActiveX Controls and Plug-Ins - Display Video and Animation on a Web Page That Does Not Use External Media Playerp. 267
ActiveX Controls and Plug-Ins - Download Signed ActiveX Controlsp. 267
ActiveX Controls and Plug-Ins - Download Unsigned ActiveX Controlsp. 267
ActiveX Controls and Plug-Ins - Initialize and Script ActiveX Controls Not Marked as Safe for Scriptingp. 267
ActiveX Controls and Plug-Ins - Run ActiveX Controls and Plug-Insp. 268
ActiveX Controls and Plug-Ins - Script ActiveX Controls Marked Safe for Scriptingp. 268
Downloads - Automatic Prompting for File Downloadsp. 268
Downloads - File Downloadp. 269
Downloads - Font Downloadp. 270
Enable .Net Framework Setupp. 270
Java VM-Java Permissionsp. 270
Miscellaneous - Access Data Sources Across Domainsp. 270
Miscellaneous - Allow META REFRESHp. 270
Miscellaneous - Allow Scripting of Internet Explorer Web Browser Controlp. 270
Miscellaneous - Allow Script-Initiated Windows Without Size or Position Constraintsp. 271
Miscellaneous - Allow Web Pages to Use Restricted Protocols for Active Contentp. 271
Miscellaneous - Allow Websites to Open Windows Without Address or Status Barsp. 271
Miscellaneous - Display Mixed Contentp. 271
Miscellaneous - Don't Prompt for Client Certificate Selection When No Certificates or Only One Certificate Existsp. 272
Miscellaneous - Drag and Drop or Copy and Paste Filesp. 272
Miscellaneous - Include Local Directory Path When Uploading Files to a Serverp. 273
Miscellaneous - Installation of Desktop Itemsp. 273
Miscellaneous - Launching Applications and Unsafe Filesp. 273
Miscellaneous - Launching Programs and Files in an Iframep. 273
Miscellaneous - Navigate Sub-Frames Across Different Domainsp. 273
Miscellaneous - Open Files Based on Content, Not File Extensionp. 274
Miscellaneous - Software Channel Permissionsp. 274
Miscellaneous - Submit Non-Encrypted Form Datap. 274
Miscellaneous - Use Phishing Filterp. 274
Miscellaneous - Use Pop-Up Blockerp. 275
Miscellaneous - Userdata Persistencep. 275
Miscellaneous - Web Sites in Less Privileged Web Content Zone Can Navigate into This Zonep. 275
Scripting - Active Scriptingp. 275
Scripting - Allow Programmatic Clipboard Accessp. 275
Scripting - Allow Status Bar Updates Via Scriptp. 276
Scripting - Allow Websites to Prompt for Information Using Scripted Windowp. 276
Scripting - Scripting of Java Appletsp. 277
User Authenticationp. 277
IE Advanced Settingsp. 282
Browsing - Disable Script Debugging (Internet Explorer or Other)p. 282
Browsing - Display a Notification About Every Script Errorp. 282
Browsing - Enable Third-Party Extensionsp. 282
Browsing - Use Inline Autocompletep. 282
International - Send UTF-8 URLSp. 283
Java (or Java-Sun) - Use JRE x.x for [left angle bracket]applet[right angle bracket]p. 283
Security - Allow Active Content from CDs to Run on My Computerp. 283
Security - Allow Active Content to Run in Files on My Computerp. 283
Security - Allow Software to Run or Install Even If the Signature Is Invalidp. 283
Security - Check for Publisher's Certificate Revocationp. 283
Security - Check for Server Certificate Revocationp. 284
Security - Check for Signatures on Downloaded Programsp. 284
Security - Do Not Save Encrypted Pages to Diskp. 284
Security - Empty Temporary Internet Files Folder When Browser Is Closedp. 284
Enable Memory Protection to Help Mitigate Online Attacksp. 285
Security - Enable Integrated Windows Authenticationp. 285
Security - Phishing Filter Settingsp. 286
Security - Use SSL 2.0, SSL 3.0, TLS 1.0p. 286
Security - Warn About Invalid Site Certificatesp. 287
Security - Warn If Changing Between Secure and Not Secure Modep. 287
Security - Warn If Forms Submittal Is Being Redirectedp. 287
Other Browser Recommendationsp. 288
Don't Browse Untrusted Web Sitesp. 288
Keep IE Patches Updatedp. 289
Will Internet Explorer 7 Be Hacked A Lot?p. 289
Summaryp. 290
Best Practicesp. 290
Introducing IIS 7p. 293
Web Server Threatsp. 293
Application Vulnerabilitiesp. 294
OS Vulnerabilitiesp. 295
Back-End Database Issuesp. 295
Protocol Vulnerabilitiesp. 295
Buffer Overflowsp. 296
Directory Traversal Attacksp. 296
Sniffing Attacksp. 297
Denial of Servicep. 298
Password Guessing Attacksp. 299
Introduction to IISp. 299
New IIS Featuresp. 300
Installing IIS 7p. 301
IIS Componentsp. 302
IIS Protocol Listenersp. 307
HTTP.SYSp. 308
Net.TCPp. 308
Net.Pipep. 308
Net.P2Pp. 308
Net.MSMQp. 309
Worker Processes, Application Pools, and Identitiesp. 309
Worker Processesp. 309
Application Poolsp. 309
Application Pool Identitiesp. 311
IUSR and IIS_USRSp. 314
IIS Administrationp. 315
Feature Delegationp. 316
IIS Authenticationp. 318
Anonymous Authenticationp. 320
ASP.NET Impersonationp. 320
Basic Authenticationp. 322
Digest Authenticationp. 322
Forms Authenticationp. 322
Windows Authenticationp. 322
Client Side Mappingp. 323
Web Server Access Control Permissionsp. 326
IIS Handler Permissionsp. 326
NTFS Permissionsp. 332
Defending IISp. 332
Step Summaryp. 333
Configuring Network/Perimeter Securityp. 333
Ensuring Physical Securityp. 334
Installing Updated Hardware Driversp. 334
Installing an Operating Systemp. 334
Configuring a Host Firewallp. 335
Configuring Remote Administrationp. 335
Installing IIS in a Minimal Configurationp. 336
Installing Patchesp. 336
Hardening the Operating Systemp. 337
Configuring and Tightening IISp. 339
Installing Additional IIS Featuresp. 340
IIS 7 Modulesp. 340
Minimizing Web Components Even Furtherp. 342
Feature Delegationp. 342
Strengthening NTFS Permissionsp. 342
Configuring Request Filteringp. 343
Securing Web Sitesp. 344
Hardening NTFS Permissionsp. 344
Web Site IP Settingsp. 346
Application Pool Changesp. 346
Cleaning and Testingp. 347
Installing and Securing Applicationsp. 347
Conducting Penetration Testsp. 347
Deploying to Productionp. 347
Monitoring Log Filesp. 348
Summaryp. 348
Protecting E-mailp. 351
E-mail Threatsp. 351
Malicious File Attachmentsp. 351
File Extension Tricksp. 380
Embedded Contentp. 381
Embedded Linksp. 382
Leaked Passwordsp. 383
Other Miscellaneous E-mail Threatsp. 383
Introducing Windows Mailp. 384
Phishing Detectionp. 385
Improved Junk Mail Detectionp. 386
Sender White Lists and Black Listsp. 387
Top-Level Domain Blockingp. 387
Simplified E-mail Storagep. 390
E-mail Defensesp. 390
Convert All E-mail to Plain-textp. 391
Execute All HTML Content in the Restricted Zonep. 393
Disable Automatic Downloading of HTML Contentp. 394
Filter Out Dangerous File Attachmentsp. 395
Install Anti-Malware Softwarep. 398
Disable Plain-Text Passwordsp. 398
Summaryp. 398
Best Practicesp. 399
Securing Windows Networksp. 401
Managing Windows Firewallp. 403
New Featuresp. 405
Windows Filtering Platformp. 405
IPv6p. 406
Integration with IPsecp. 407
Stealthp. 408
Boot Time Filteringp. 409
Strict Source Mappingp. 410
Service Hardening and the Firewallp. 411
IPv6p. 412
Outbound Filteringp. 412
How Much Security Can Outbound Filtering Provide?p. 413
Firewall Managementp. 417
Firewall Profilesp. 417
Management Interfacesp. 419
Windows Firewall Control Panelp. 419
Security Centerp. 421
Windows Firewall with Advanced Securityp. 422
Group Policy Editorp. 422
Netshp. 423
Application Programming Interfacesp. 424
Rule Typesp. 426
Directional Rulesp. 427
Connection Security Rulesp. 427
When to Use Which Rulesp. 428
Rule Precedencep. 428
Firewall Scenariosp. 429
Restricting Access Based on End-Pointp. 429
Blocking Outbound SMB in Public Profilep. 436
Allowing Management Traffic via VPNp. 437
Managing Firewall in a Mixed or Down-Level Environmentp. 438
RPCp. 442
Summaryp. 443
Best Practicesp. 444
Server and Domain Isolationp. 445
Server and Domain Isolation Overviewp. 445
Domain Isolationp. 446
Server Isolationp. 447
Forget About the Perimeterp. 448
Network Threat Modelingp. 450
Changes in Windows Vista Affecting SDIp. 451
AuthIPp. 451
Client-to-DC IPsecp. 451
Authentication with Multiple Credentialsp. 451
Improved Negotiation Flowp. 452
Vastly Improved Configuration User Interfacep. 453
Domain Isolation Rulesp. 454
Server Isolation Rulesp. 457
Summaryp. 458
Best Practicesp. 459
Wireless Securityp. 461
Wi-Fi Terminology and Technologiesp. 461
Wi-Fi Standardsp. 462
Infrastructure versus Ad-Hoc Modep. 462
Wi-Fi Standardsp. 463
Wi-Fi Security Standardsp. 464
Wired Equivalent Privacyp. 465
Wi-Fi Protected Access/802.11ip. 466
Wireless Threatsp. 471
Eavesdroppingp. 472
Unauthorized Accessp. 474
Bypassing of Traditional Defensesp. 474
Malware Injectionp. 474
Denial of Service Attacksp. 475
New Wireless Improvements in Vistap. 476
Securing Wireless Networksp. 477
802.11 Legacy Wireless Security Recommendationsp. 477
Changing Access Point's Default SSIDp. 478
Enabling MAC Filteringp. 478
Disabling DHCP on the Access Pointp. 478
Requiring User Authentication Passwordsp. 479
Turning Off SSID Broadcastingp. 479
Changing an Access Point's Default Administrator Passwordp. 480
WEPp. 480
VPN Protocolsp. 481
Using WPAp. 481
Using WPA2/802.11ip. 481
Summaryp. 482
Best Practicesp. 482
Group Policy and Best Practicesp. 483
Using Group Policyp. 485
New Group Policy Featuresp. 486
Multiple Local Group Policiesp. 486
Group Policy Precedencep. 489
Using MLGPOs in a Domain Environmentp. 491
Difference between Local GPOs and Domain GPOsp. 491
New Administrative Template Formatp. 492
Template Embeddingp. 493
Migrating to ADMXp. 493
Client-Side Pulling and Network Location Awarenessp. 493
Updated Group Policy Featuresp. 494
Group Policy Management Console v. 2.0p. 494
Internet Explorer Management Without IEAKp. 495
Group Policy Application Factored from Winlogonp. 496
Group Policy Logging Moved to System Event Logp. 497
New or Updated Group Policy Settingsp. 498
New Security Optionsp. 498
Security Options with Modified Defaultsp. 498
Removed Security Optionsp. 504
New Administrative Template Settingsp. 504
Settings That Require Reboot or Logonp. 510
Windows Vista Security Guidep. 510
Do You Need the Vista Security Guide?p. 511
What Is Good in the Vista Security Guidep. 511
What Could Have Been Better in the Vista Security Guidep. 511
Importance of the Guidep. 513
Active Directory Schema Updatesp. 514
Managing Group Policy in a Mixed Environmentp. 514
Rollout Strategyp. 515
Logon Scripts Fail Because of UACp. 516
Using Group Policy in a NAP Environmentp. 516
Summaryp. 517
Best Practicesp. 518
Thinking about Securityp. 519
It Still Comes Down to Risk Managementp. 520
Jesper's Positionp. 520
Roger's Positionp. 520
Enterprise Risk Managementp. 521
The Three-Step Approach to Securityp. 523
Keep 'em Off the Boxp. 524
Keep 'em from Runningp. 524
Keep 'em from Communicatingp. 525
Thinking Differently about Securityp. 526
The Top 2 (+ or -1, or so) Client Security Hacksp. 526
Jesper's Thoughtsp. 526
Roger's Thoughtsp. 528
Anti-Malware Is Not a Panaceap. 530
Jesper's Thoughtsp. 530
Roger's Thoughtsp. 532
Tweaking Itp. 532
Security Tweaks You Should Makep. 533
Turn on DEP for Internet Explorerp. 536
Security Tweaks You Shouldn't Makep. 536
Agreeing to Disagreep. 539
Jesper's Positionp. 541
Roger's Positionp. 545
Wetwarep. 546
Summaryp. 547
Best Practicesp. 547
Building a Windows PE Boot Diskp. 549
Building a WinPE Bootable USB Flash Drivep. 549
Downloading WAIKp. 550
Building the WinPE Imagep. 550
Referencesp. 555
Indexp. 561
Table of Contents provided by Ingram. All Rights Reserved.

Supplemental Materials

What is included with this book?

The New copy of this book will include any supplemental materials advertised. Please check the title of the book to determine if it should include any access cards, study guides, lab manuals, CDs, etc.

The Used, Rental and eBook copies of this book are not guaranteed to include any supplemental materials. Typically, only the book itself is included. This is true even if the title states it includes any access cards, study guides, lab manuals, CDs, etc.

Rewards Program