Book Title: Thor’s Microsoft Security Bible
Subtitle: A collection of Practical Security Techniques
Author: Timothy “Thor” Mullen
Date of Publishing: 2011
Price (UK&US price – full price, not discounted price): £36.99 $59.95
URL of Amazon UK web page: Thor’s Microsoft Security Bible: A Collection of Practical Security Techniques
URL of Amazon UK (Kindle) web page: Thor’s Microsoft Security Bible: A Collection of Practical Security Techniques
URL of Amazon US web page: Thor’s Microsoft Security Bible: A Collection of Practical Security Techniques
URL of Amazon US (Kindle) web page: Thor’s Microsoft Security Bible: A Collection of Practical Security Techniques
I have been involved in security for over 30 years, starting in physical security and then moving into IT Security, having worked in a number of different environments, from SMEs to large data centres, I have always had an interest in the different views of security and the variety of methods for increasing the security of servers and the general infrastructure.The book is a reasonable size and consists of 399 pages across seven chapters. There is no logical flow through the book as each chapter is effectively standalone, dealing with each specific topic. The book is a good solid reference guide and probably not something you would sit down and read cover to cover unless you want to implement all of the topics covered; saying that, however, it is an excellent reference for configuring and/or implementing the specific security solutions covered.Thor’s Microsoft Security Bible goes into a good level of detail of the different aspects of security, including communications and system hardening; even though it assumes that the OS is already hardened. There are good examples provided throughout and the author has supplied a large number of screen shots and code examples that allows him to walk the reader through the configuration – this is especially useful if you are looking to implement the solution described in the book. The advice provided in this book is of the highest quality and, even if the reader does not want to follow the whole solution laid out in a chapter, it is possible to mix and match with other items covered in different chapters. For me, the key chapter was the last one on securing RDP as this is something that nearly all organisations now use, and therefore it is vitally important it is secure. Accompanying this book, the publisher has supplied a DVD containing a variety of useful applications, which, while not having tried them all myself, they certainly look interesting and I am sure I will have a closer look in the near future.
This book is aimed at technical, security and non-security professionals alike, used to bolster their security knowledge and to allow them to harden services that are often reliant on general OS hardening and firewalls.
The book offers detailed descriptions on how to provide secure infrastructure services, such as SQL, as a least privileged account, and therefore offers system engineers a guide to bolstering their system’s security posture as much as is possible.
Marks: 5 out of 5