Windows Security Monitoring

Scenarios and Patterns

Nonfiction, Computers, Networking & Communications, Computer Security, Operating Systems, Application Software
Cover of the book Windows Security Monitoring by Andrei Miroshnikov, Wiley
View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart
Author: Andrei Miroshnikov ISBN: 9781119390879
Publisher: Wiley Publication: March 13, 2018
Imprint: Wiley Language: English
Author: Andrei Miroshnikov
ISBN: 9781119390879
Publisher: Wiley
Publication: March 13, 2018
Imprint: Wiley
Language: English

Dig deep into the Windows auditing subsystem to monitor for malicious activities and enhance Windows system security

Written by a former Microsoft security program manager, DEFCON "Forensics CTF" village author and organizer, and CISSP, this book digs deep into the Windows security auditing subsystem to help you understand the operating system′s event logging patterns for operations and changes performed within the system. Expert guidance brings you up to speed on Windows auditing, logging, and event systems to help you exploit the full capabilities of these powerful components. Scenario–based instruction provides clear illustration of how these events unfold in the real world. From security monitoring and event patterns to deep technical details about the Windows auditing subsystem and components, this book provides detailed information on security events generated by the operating system for many common operations such as user account authentication, Active Directory object modifications, local security policy changes, and other activities.

This book is based on the author′s experience and the results of his research into Microsoft Windows security monitoring and anomaly detection. It presents the most common scenarios people should be aware of to check for any potentially suspicious activity.

Learn to:

  • Implement the Security Logging and Monitoring policy
  • Dig into the Windows security auditing subsystem
  • Understand the most common monitoring event patterns related to operations and changes in the Microsoft Windows operating system

About the Author

Andrei Miroshnikov is a former security program manager with Microsoft. He is an organizer and author for the DEFCON security conference "Forensics CTF" village and has been a speaker at Microsoft′s Bluehat security conference. In addition, Andrei is an author of the "Windows 10 and Windows Server 2016 Security Auditing and Monitoring Reference" and multiple internal Microsoft security training documents. Among his many professional qualifications, he has earned the (ISC)2 CISSP and Microsoft MCSE: Security certifications.

View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart

Dig deep into the Windows auditing subsystem to monitor for malicious activities and enhance Windows system security

Written by a former Microsoft security program manager, DEFCON "Forensics CTF" village author and organizer, and CISSP, this book digs deep into the Windows security auditing subsystem to help you understand the operating system′s event logging patterns for operations and changes performed within the system. Expert guidance brings you up to speed on Windows auditing, logging, and event systems to help you exploit the full capabilities of these powerful components. Scenario–based instruction provides clear illustration of how these events unfold in the real world. From security monitoring and event patterns to deep technical details about the Windows auditing subsystem and components, this book provides detailed information on security events generated by the operating system for many common operations such as user account authentication, Active Directory object modifications, local security policy changes, and other activities.

This book is based on the author′s experience and the results of his research into Microsoft Windows security monitoring and anomaly detection. It presents the most common scenarios people should be aware of to check for any potentially suspicious activity.

Learn to:

About the Author

Andrei Miroshnikov is a former security program manager with Microsoft. He is an organizer and author for the DEFCON security conference "Forensics CTF" village and has been a speaker at Microsoft′s Bluehat security conference. In addition, Andrei is an author of the "Windows 10 and Windows Server 2016 Security Auditing and Monitoring Reference" and multiple internal Microsoft security training documents. Among his many professional qualifications, he has earned the (ISC)2 CISSP and Microsoft MCSE: Security certifications.

More books from Wiley

Cover of the book Building Wealth in the Stock Market by Andrei Miroshnikov
Cover of the book Distribution Theory by Andrei Miroshnikov
Cover of the book Mathematical and Computational Methods and Algorithms in Biomechanics by Andrei Miroshnikov
Cover of the book Crowdstorm by Andrei Miroshnikov
Cover of the book Controlled Branching Processes by Andrei Miroshnikov
Cover of the book Guidelines for Hazard Evaluation Procedures by Andrei Miroshnikov
Cover of the book Materials and Failures in MEMS and NEMS by Andrei Miroshnikov
Cover of the book The Wiley Blackwell Handbook of Humanism by Andrei Miroshnikov
Cover of the book IV Therapy For Dummies by Andrei Miroshnikov
Cover of the book Multi-armed Bandit Allocation Indices by Andrei Miroshnikov
Cover of the book Developing Reflective Practice by Andrei Miroshnikov
Cover of the book Personal Development All-In-One For Dummies by Andrei Miroshnikov
Cover of the book Mitochondria by Andrei Miroshnikov
Cover of the book Leading the Epic Revolution by Andrei Miroshnikov
Cover of the book Coherent Laser Beam Combining by Andrei Miroshnikov
We use our own "cookies" and third party cookies to improve services and to see statistical information. By using this website, you agree to our Privacy Policy