Michael G. Solomon - Security Strategies in Windows Platforms and Applications

THIRD EDITION

JONES & BARTLETT
LEARNING

World Headquarters
Jones & Bartlett Learning
5 Wall Street
Burlington, MA 01803
978-443-5000
www.jblearning.com

Jones & Bartlett Learning books and products are available through most bookstores and online booksellers. To contact Jones & Bartlett Learning directly, call 800-832-0034, fax 978-443-8000, or visit our website, www.jblearning.com.

Substantial discounts on bulk quantities of Jones & Bartlett Learning publications are available to corporations, professional associations, and other qualified organizations. For details and specific discount information, contact the special sales department at Jones & Bartlett Learning via the above contact information or send an email to .

Copyright 2021 by Jones & Bartlett Learning, LLC, an Ascend Learning Company

All rights reserved. No part of the material protected by this copyright may be reproduced or utilized in any form, electronic or mechanical, including photocopying, recording, or by any information storage and retrieval system, without written permission from the copyright owner.

The content, statements, views, and opinions herein are the sole expression of the respective authors and not that of Jones & Bartlett Learning, LLC. Reference herein to any specific commercial product, process, or service by trade name, trademark, manufacturer, or otherwise does not constitute or imply its endorsement or recommendation by Jones & Bartlett Learning, LLC and such reference shall not be used for advertising or product endorsement purposes. All trademarks displayed are the trademarks of the parties noted herein. Security Strategies in Windows Platforms and Applications, Third Edition is an independent publication and has not been authorized, sponsored, or otherwise approved by the owners of the trademarks or service marks referenced in this product.

There may be images in this book that feature models; these models do not necessarily endorse, represent, or participate in the activities represented in the images. Any screenshots in this product are for educational and instructive purposes only. Any individuals and scenarios featured in the case studies throughout this product may be real or fictitious, but are used for instructional purposes only.

Production Credits
VP, Product Management: Amanda Martin
Director of Product Management: Laura Pagluica
Product Manager: Edward Hinman
Product Assistant: Melissa Duffy
Product Coordinator: Paula-Yuan Gregory
Project Manager: Kristen Rogers
Technical Editor: Jeff Parker
Digital Project Specialist: Rachel Reyes
Director of Marketing: Andrea DeFronzo
Marketing Manager: Michael Sullivan
Manufacturing and Inventory Control Supervisor: Amy Bacus
Composition and Project Management: codeMantra U.S., LLC
Cover Design: Kristin E. Parker
Senior Media Development Editor: Shannon Sheehan
Rights Specialist: Rebecca Damon
Cover Image (Title Page, Part Opener, Chapter Opener): Studio-Pro/Getty Images
Printing and Binding: McNaughton & Gunn
Cover Printing: McNaughton & Gunn

Library of Congress Cataloging-in-Publication Data

Library of Congress Control Number: 2019948938

6048

Printed in the United States of America

23 22 21 20 19 10 9 8 7 6 5 4 3 2 1

This book is part of the Information Systems Security & Assurance Series from Jones & Bartlett Learning (www.jblearning.com). Designed for courses and curriculums in IT Security, Cybersecurity, Information Assurance, and Information Systems Security, this series features a comprehensive, consistent treatment of the most current thinking and trends in this critical subject area. These titles deliver fundamental information-security principles packed with real-world applications and examples. Authored by Certified Information Systems Security Professionals (CISSPs), they deliver comprehensive information on all aspects of information security. Reviewed word for word by leading technical experts in the field, these books are not just current, but forward-thinkingputting you in the position to solve the cybersecurity challenges not just of today, but of tomorrow, as well.

Part I of this book focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system. Particular emphasis is placed on Windows 10 on the desktop, and Windows Server 2012, 2016, and 2019 versions. More than 90% of individuals, students, educators, businesses, organizations, and governments use Microsoft Windows, which has experienced frequent attacks against its well-publicized vulnerabilities. Part II emphasizes how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. Part III provides a resource for readers and students desiring more information on Microsoft Windows OS hardening, application security, and incident management, among other issues.

The writing style of this book is practical and conversational. Step-by-step examples of information security concepts and procedures are presented throughout the text. Each chapter begins with a statement of learning objectives. Illustrations are used both to clarify the material and to vary the presentation. The text is sprinkled with Notes, Tips, FYIs, Warnings, and sidebars to alert the reader to additional and helpful information related to the subject under discussion. Chapter Assessments appear at the end of each chapter, with solutions provided in the back of the book. Chapters Summaries are included in the text to provide a rapid review or preview of the material and to help students understand the relative importance of the concepts presented.

The material is suitable for undergraduate or graduate computer science majors or information science majors, students at a 2-year technical college or community college who have a basic technical background, or readers who have a basic understanding of IT security and want to expand their knowledge.

This new edition covers the latest versions of the Microsoft Windows operating system, Windows 10 and Windows Server 2019. It also includes updated coverage of industry best practices and tools used to manage Microsoft Windows environments. The Third Edition further expands on previous discussions to include more coverage of cloud computing topics, IPv6, and the Internet of Things (IoT). Malware and encryption sections have been completely updated as well to include the latest threats, mitigation techniques, and tools available. In all, the Third Edition includes the latest information needed to implement and manage Windows platforms in todays dynamic environments.

This text is accompanied by Cybersecurity Cloud Labs. These hands-on virtual labs provide immersive mock IT infrastructures where students can learn and practice foundational cybersecurity skills as an extension of the lessons in this textbook. For more information or to purchase access to the labs, visit go.jblearning.com/solomon3e.