Security for Microsoft Windows System Administrators
Author: Derrick Rountree
Security for Microsoft Windows System Administrators aims at teaching the reader the very basics of information security: general concepts, some cryptography, concepts and vulnerabilities tied to network, system and operational security, and a bit about security audits. The author skipped in-depth coverage in favor of making the reader proficient in the language and basic security concepts – and doing it quickly.
About the author
Derrick Rountree has held positions as a network administrator, IT consultant, and a QA engineer for a major software company. He has experience in network security, operating system security, application security, and secure software development.
Inside the book
Confidentiality, integrity, availability – the main principles of information security – are dealt with immediately at the very beginning of the book, with simple definitions that can’t be misunderstood. Next, the author explains a number of acronyms that we have all heard mentioned many times: ISO, NIST, FIPS, PCI DSS, HIPAA, and many others.
Authentication, authorization and accounting (the three A’s) are tackled in more depth, and the reader can learn about the different authentication types and methods currently in use, the principles of authorization, and the importance of accounting and how it is tied to auditing.
The subject of cryptography is addressed in a similar (logical) way: basic concepts first, cryptographic algorithms second and PKI concepts third. This second chapter is a bit more thorough in its explanations, and the reader gets the chance to learn how to deal with key and certificate management – how to add a certificate to a local machine store, for example, or how to configure various browsers for CRL (Certificate Revocation List) checking – step-by-step, and with plenty of screenshots.
The subject of network security has been dealt with in a more jumbled-up manner. Information about the OSI model, network components, services and devices, protocols, threats and vulnerabilities could have been structured more logically, and I can’t help noticing that some of the information is a bit outdated. Actually, this chapter reads more like an index than anything else.
But, with the chapter on system security, the author is back on track. He first lists and briefly explains system threats inherent to all systems, then dives into OS and application security, explaining OS hardening techniques, Windows patching and updating, anti-virus software and virtualization.
Describing concepts related to organizational and operational security, he touches on topics such as physical security, business continuity, disaster recovery, end-user education, risk assessment, and more.
In the final chapter, he explains the importance of vulnerability testing, monitoring and logging, and he presents tools for system, performance, resource and network monitoring, and auditing.
This book professes to be an introduction to key information security concepts, and it delivers on that promise. As such, it is primarily targeted at aspiring Windows system administrators and at novices in the field who recognize the vital importance of keeping their systems and networks secure.
The author fails to deliver depth on the covered subjects, so it is safe to say that this should not be the only book consulted on the subject. However, it presents a good starting point, and its brevity (around 200 pages) could make it attractive to those who are only interested in learning the basic concepts and the language of information security.