Windows Server 2003 Security: A Technical Reference

Overview

"Once again, Roberta Bragg proves why she is a leading authority in the security field! It's clear that Roberta has had a great deal of experience in real-world security design and implementation. I'm grateful that this book provides clarity on what is often a baffling subject!"

James I. Conrad, MCSE 2003, Server+, Certified Ethical Hacker James@accusource.net

"Full of relevant and insightful information. Certain to be a staple reference book for anyone dealing with Windows Server 2003 security. Roberta Bragg's Windows Server 2003 Security is a MUST read for anyone administering Windows Server 2003."

Philip Cox, Consultant, SystemExperts Corporation phil.cox@systemexperts.com

"Few people in the security world understand and appreciate every aspect of network security like Roberta Bragg. She is as formidable a security mind as I have ever met, and this is augmented by her ability to communicate the concepts clearly, concisely, and with a rapier wit. I have enjoyed working with Roberta more than I have on any of the other 20 some odd books to which I have contributed. She is a giant in the field of network security."

Bob Reinsch bob.reinsch@fosstraining.com

"Windows Server 2003 Security explains why you should do things and then tells you how to do it! It is a comprehensive guide to Windows security that provides the information you need to secure your systems. Read it and apply the information."

Richard Siddaway, MCSE rsiddaw@hotmail.com

"Ms. Bragg's latest book is both easy to read and technically accurate. It will be a valuable resource for network administrators and anyone else dealing with Windows Server 2003 security."

Michael VonTungeln, MCSE, CTT mvontung@yahoo.com

"I subscribe to a number of newsletters that Roberta Bragg writes and I have 'always' found her writing to be perfectly focused on issues I 'need' to know in my workplace when dealing with my users. Her concise writing style and simple solutions bring me back to her columns time after time. When I heard she had written a guide on Windows 2003 security, I 'had' to have it.

Following her guidance on deployment, her advice on avoiding common pitfalls, and her easy to follow guidelines on how to lock down my network and user environments (those darned users!) has me (and my clients) much more comfortable with our Win2k3 Server deployments. From AD to GPO's to EFS, this book covers it all."

Robert Laposta, MCP, MCSA, MCSE, Io Network Services, Sierra Vista AZ rob.laposta@cox.net

"Roberta Bragg has developed a 'must have' manual for administrators who manage Microsoft Windows 2003 servers in their organizations. The best practices for strengthening security controls are well organized with practical examples shared throughout the book. If you work with Windows 2003, you need this great resource."

Harry L. Waldron, CPCU, CCP, AAI, Microsoft MVP - Windows Security Information Technology Consultant harrywaldronmvp@yahoo.com

"Roberta Bragg's Windows Server 2003 Security offers more than just lucid coverage of how things work, but also offers sound advice on how to make them work better."

Chris Quirk; MVP Windows shell/user cquirke@mvps.org

"This book is an invaluable resource for anyone concerned about the security of Windows Server 2003. Despite the amount and complexity of the material presented, Roberta delivers very readable and clear coverage on most of the security-related aspects of Microsoft's flagship operative system. Highly recommended reading!"

Valery Pryamikov, Security MVP, Harper Security Consulting valery.pryamikov@harper.no

"As long as you have something to do with Windows 2003, I have four words for you: 'Order your copy now.'"

Bernard Cheah, Microsoft IIS MVP, Infra Architect, Intel Corp. bernard@mvps.org

If you're a working Windows administrator, security is your #1 challenge. Now there's a single-source reference you can rely on for authoritative, independent help with every Windows Server security feature, tool, and option: Windows Server 2003 Security.

Renowned Windows security expert Roberta Bragg has brought together information that was formerly scattered through dozens of books and hundreds of online sources. She goes beyond facts and procedures, sharing powerful insights drawn from decades in IT administration and security. You'll find expert implementation tips and realistic best practices for every Windows environment, from workgroup servers to global domain architectures. Learn how to:

  • Reflect the core principles of information security throughout your plans and processes
  • Establish effective authentication and passwords
  • Restrict access to servers, application software, and data
  • Make the most of the Encrypting File System (EFS)
  • Use Active Directory's security features and secure Active Directory itself
  • Develop, implement, and troubleshoot group policies
  • Deploy a secure Public Key Infrastructure (PKI)
  • Secure remote access using VPNs via IPSec, SSL, SMB signing, LDAP signing, and more
  • Audit and monitor your systems, detect intrusions, and respond appropriately
  • Maintain security and protect business continuity on an ongoing basis

© Copyright Pearson Education. All rights reserved.

Meet the Author

Roberta Bragg, MCSE, CISSP, and Microsoft MVP, is one of the world's most respected Windows security consultants, columnists, and speakers. She has served as the security advisor for Redmond Magazine (formerly MCP Magazine), and as a feature columnist for the weekly Security Watch e-newsletter. Her books include Hardening Windows Systems (McGraw-Hill Osborne Media, 2004); MCSE Training Guide (70-220): Windows 2000 Network Security Design, Second Edition (Que, 2002); and Windows 2000 Security (New Riders Publishing, 2000). Bragg runs her own company, Have Computer Will Travel. She lives in Kansas City, MO.

Read an Excerpt

Preface

Writing a technical book and getting it published are not particularly difficult projects. The primary requirements are dogged determination and persistence.

Writing a technical book that people can use, a book that they keep on their shelf as a reference, a book that becomes the standard in its class—that's quite a bit harder. To do that, you not only have to know the subject matter and be able to present it in a reasonably interesting manner, but you also have to include the information that people need to know and provide the analysis that experience provides. In addition, the technology must be presented in a way that is digestible by the average person responsible for implementing it. Accuracy, of course, must be ensured. Doing all of these things is not easy. It is, however, what I set out to do.

Should You Buy This Book?

My ego and my pocketbook say yes. My conscience, however, tells me that this book is not one that every techie will need. Here are some guidelines:

This book is not designed with the Windows end user, advanced or not, in mind. It is meant for the server administrator, network administrator, security administrator, IT manager, technology specialist, or other individual who must design, implement, troubleshoot, or configure the security of Windows Server 2003 or the networks it is used on.

Although it does provide the details that may help anyone studying for an exam, it is not a resource for those whose only interest is passing an exam. There are no study questions and way too much information on topics that may not be on an exam but that are vital to the understanding and operation of server and network security.

This book does provide important information and the details of securing Windows Server 2003; however, it is not a step-by-step guide on how to harden the server. Instead, it is a technical resource, and it provides much of the rationale behind hardening steps.

If you do not use Windows and don't believe it has a place in your network, why are you reading this? I do believe that if you read this book, you may find that Windows Server 2003 does have a place in your network. However, I must warn you—you need to consider the next statement.

If you have no experience or knowledge of Windows, you will need a companion book that concentrates on the technology, a server you can explore on your own, or a willingness to research basic Windows and basic Windows networking on your own. Before you begin studying the more advanced topics, such as securing Active Directory or utilizing Windows Server 2003 resources to provide network security, you will need some understanding of Active Directory. This book assumes that you are not new to Active Directory.

If you are an expert on Windows Server 2003 security, you may learn something new here.

If you are, like most technical Windows users, solidly savvy in some security areas but lacking information in others, I believe you'll be able to find the information you need to become well rounded within these pages.

If you are a programmer, this book can do much to help you understand how Windows server security works and how its security technologies are used on a network. It should not, however, be your source for the intimate details you need if you must program security or program securely. The technical details you need are primarily provided in the Software Development Kit (SDK) available from Microsoft. The sound security knowledge and necessary programming skill are functions of training and experience. I would especially caution you that the algorithms provided within this book to help readers understand how technology works do not provide enough information for you to produce code that can correctly implement the technology. Programming security technologies is especially difficult to get right and is not a subject addressed by this book.

What's Inside and What's Not

Information security is not a new field. What is new is the requirement that every information technology worker emerges from being security-challenged to being security-conscious. Those who are responsible for any facet of production networks have a higher calling. They must not only be aware, but they also must be proactive. They cannot afford to merely react to the latest Internet threat. They must apply the principles of information security through their network. This book can help them.

Chapter 1, "Principles of Information Security," defines these principles and relates them to the content of each chapter. Each chapter deals with a specific Windows Server 2003 security topic and provides both information and instructions for securing the server and for using its security technologies to provide protection for the network. Topics include authentication, user rights and permissions, Software Restriction Policies, Authorization Manager, NTFS, the Encrypting File System (EFS), WebDAV, changes in security technologies introduced with Active Directory, securing Active Directory, trusts in an Active Directory forest between domains in different forests and between forests, Public Key Infrastructure (PKI), using Routing and Remote Access and RADIUS, IPSec and PPTP, SMB signing, a role-based approach to server security, auditing, monitoring, and maintenance.

This book often provides a unique approach to its subject. It explains not just how to use the technology but when and why and how to use security technologies in a secure manner. An example of this approach is the two chapters on PKI. The first chapter explains the technology and details what must be done to ensure that this key security technology does increase security and not just provide a false sense of security. The second chapter details precisely how to do this. It provides the implementation details of securely implementing a two-tier Certification Authority (CA) hierarchy, including an offline root CA. This chapter is also an example of the type of value added by this book—it's rare to find a thoughtful security approach to a security technology, and it's even rarer to find such a step-by-step detail all in one document.

While the book starts with basic security information relative to Windows Server 2003 in a workgroup or domain environment, progresses to security in an Active Directory network, and finishes by explaining the details of advanced Windows-based security technologies, an advanced reader can also benefit by jumping right to the material relevant to a specific problem or a current desire for knowledge. This is because with some exceptions, chapters are based on technical issues rather than technologies. Chapters are therefore often focused around topics such as "Securing Remote Access" (RRAS, VPNs, Internet Information Server), "Securing Data in Flight" (IPSec, PPTP), "Controlling Access to Data" (NTFS, EFS, protecting shares, using WebDAV), "Authorization: Limiting System Access and Controlling User Behavior" (user rights and permissions), or "Restricting Access to Software, Restricting Software's Access to Resources" (Software Restriction Policies, Authorization Manager).

This book cannot be your only source for Windows security information. It does not, for example, provide information on securing other versions of Windows. While much of the information on Windows Server 2003 is relevant to the security of earlier versions and will be relevant to future versions, much is unique to Windows Server 2003. You also won't find everything you need to know about securing IIS or securing Windows applications. It is not a book on secure programming, and it does not seek to train you in computer forensics. These topics require book-length discussions of their own. It would be presumptuous to attempt to deliver them along with everything else.

This is also not a sexy book. You won't find cool hacker tricks within or justification for using a security technology based on some exploit that works if you don't utilize the hardening technique. There are far too many "I can hack into your network and here is how to stop me" security books. You should not be relying primarily on securing your network against attacks that are so well known that they are published in a book. Instead, you should be applying the knowledge that not only works against multiple current attacks, but that also may quite possibly secure networks against exploits not yet designed.

An Unusual Approach to Production

The normal technical book production process, the process that is supposed to produce "the" book on "some subject," leaves much to be desired. An author is selected and writes. A technical reviewer is paid a pittance and may or may not actually find errors or step through the instructions to confirm the author's work. Editors, while they may know their grammar and how to improve writing style, are not technically trained. Finally, the process is at times rushed, and compromises have to be made.

This book was done differently. In addition to the normal editorial support, numerous technical volunteers examined each chapter for content, correctness, and usability. These volunteers gave their time freely, many of them doggedly reading the entire manuscript and others concentrating on topics they felt the most comfortable with or the most interested in learning about. Every one of them contributed substantially, providing me with insight that an author usually gets only after the book is published. This book is incredibly better because of them.

That said, the organization of the material is mine, and any errors, although unintentional, are mine as well.

Table of Contents

Pt. I Security basics
Ch. 1 Principles of information security
Pt. II Securing the server itself
Ch. 2 Authentication: proof of identity
Ch. 3 Authorization - limiting system access and controlling user behavior
Ch. 4 Restricting access to software; restricting software's access to resources
Ch. 5 Controlling access to data
Ch. 6 EFS basics
Pt. III Securing domain services
Ch. 7 Active directory's role in domain security
Ch. 8 Trust
Ch. 9 Troubleshooting group policy
Ch. 10 Securing active directory
Ch. 11 Securing infrastructure roles
Pt. IV Public key infrastructure
Ch. 12 PKI basics
Ch. 13 Implementing a secure PKI
Pt. V Securing the virtual network
Ch. 14 Securing remote access
Ch. 15 Protecting data in flight
Pt. VI Maintenance and recovery
Ch. 16 Maintenance strategies and administrative practices
Ch. 17 Basics of data backup and restore
Pt. VII Monitoring and audit
Ch. 18 Auditing
Ch. 19 Monitoring and assessment
Customer Reviews

  • Anonymous

    Posted July 3, 2005

    encrypted file system?

    In the computing press, and indeed in the general media, Microsoft has taken some flak for security bugs in its operating systems. But by now its Windows Server 2003 has grown into millions of lines of code, the sheer complexity of which can be appreciated by looking at this book. It addresses numerous cases where you, the sysadmin, can or should do certain things to protect your machines. Possibly the most powerful tools described relate to PKI. There is a full implementation of this. Plus, Microsoft lets each user easily encrypt [and of course decrypt] her files, using PKI. A very nice idea. Though, as the book explains, the problem is that currently few users or sysadmins actually avail themselves of this advanced feature. Of all the topics in the book, I found this to be the most interesting. Perhaps you will, also.
