InfoSec Reviews – Security for Microsoft Windows System Administrators

Book Title: Security for Microsoft Windows System Administrators

Subtitle: Introduction to Key Information Security Concepts

Author: Derrick Rountree

Publisher: Syngress

Date of Publishing: Oct 2010

ISBN(13): 9781597495943

Price (UK&US price – full price, not discounted price): £21.99, $34.95

URL of Publisher Site: Syngress

URL of Amazon UK web page: Security for Microsoft Windows System Administrators: Introduction to Key Information Security Concepts

URL of Amazon US web page: Amazon.com

The book is 198 pages long and is structured as follows:

Chapter 1 – Introduction to General Security Concepts
Chapter 2 – Cryptography
Chapter 3 – Network Security
Chapter 4 – System Security
Chapter 5 – Organizational and Operational Security
Chapter 6 – Security Assessments and Audits
Appendix A – Common Applications and Port Numbers
Appendix B – Information Security Professional Certificates

The book is well laid out and the depth of coverage is consistent throughout. Like all Syngress books, the use of headings, white space and clear fonts makes the book very easy to read. This book could have been very dry but its use of screen shots, diagrams and “Tools and Traps” made it an interesting read and it will be a useful future reference for me.

The book’s focus is on Windows 7 and Server 2008 R2 although Outlook and Internet Explorer are addressed in some sections, as well as Firefox being introduced in comparison to IE (which was extremely useful).

The first chapter, Introduction to General Security Concepts, reviews the basic IS principles of CIA as well as various standards organizations, certifications and regulations. It covers the topics of AAA and access control and this is where the book starts to address Windows-specific configurations. Clear screen shots and step-by-step discussion help with each of the concepts.

The Cryptography chapter starts with basic principles but it is not long before the screen shots are clearly describing how the various products implement the principles being discussed. Certificate services, browser configuration, and setting up a CA are all covered well.

The Network Security chapter opens with “General Network Concepts and Vulnerabilities.” This describes the basics such as the OSI model, network components, protocols and various vulnerabilities. IE and Firefox configuration are covered, again, with plenty of screenshots to help. The last section talks about a few command line tools but here the screenshots are difficult to read and do not give any real world examples, just the command line help listings (that’s just lazy).

The System Security chapter covers topics such as security threats, viruses, worms and other malware. It talks about hardware and peripherals and their associated threats. The section on OS Hardening includes many screenshots describing how unwanted features can be removed, as well as describing the management of Users and Groups both locally and in an Active Directory. The other major section in this chapter is on Patching and Updating, again, illustrated with many screenshots. Finally there is a very short section on Virtualisation.

Next, Organizational and Operational Security considers physical security, from the car park to the server room. It describes the importance of having clear and comprehensive corporate security policies on which more detailed policies and procedures can be based. This section is illustrated using Windows Local Security Policy, User Rights Assignment, Security Options, Group Policy, Password and Kerberos policy. Risk Analysis and Business Continuity are briefly described before the book again uses screenshots to illustrate Windows Backup and Restore features.

The last chapter, Security Assessments and Audits, considers vulnerability assessments and testing but does not go into any details about the various tools that you can make use of to perform these tasks. The monitoring section describes the Task Manager, Performance and Resource Monitors. And finally, the last section of the book delves into Logging and Auditing illustrated with plenty of screenshots of the Event Viewer and Event Properties.

The appendices are fairly self-explanatory, exemplified in the Common Applications and Port Numbers appendix, which is a list of, yes, you guessed it, applications and their port numbers. The Information Security Professional Certificates appendix provides a short list of some of the most common professional security certification associations.

I would be remiss if I did not mention that there are a number of irritating spelling mistakes in this book; allowance instead of alliance, STMP rather than SMTP, and Firewall instead of Firefox to identify a few. This is lazy; shame on you Syngress!

The concepts described in this book will be very familiar to anyone in the IS community but this book manages to associate these concepts with the everyday realities of the various Microsoft products – this is why it scored quite highly for me. The author describes the book as an “Introduction to Key Information Security Concepts” and I think that he’s delivered this very well. This book will help both inexperienced and seasoned system administrators understand the role of security in their systems. Considering everything, I think £21.99 makes this book very good value for money.

I am not a Microsoft Windows System Administrator, but I have been “hands on” with Windows client and server operating systems every working day over many years and I found this book clear & concise. The extensive use of screenshots was great to see exactly what was going on and a useful reference for someone of my experience.

Marks: 4 out of 5

****