Introduction

Welcome to the Microsoft Windows Security Resource Kit, Second Edition. This book provides detailed information about security features in Microsoft Windows Server 2003, Windows 2000, and Windows XP, and explains how to better secure computers running these operating systems.

About This Resource Kit

Although you are welcome to read the book from cover to cover, it is divided into six parts for your convenience. Each part covers a different aspect of Windows Server 2003, Windows 2000, and Windows XP security that you can read in advance of implementing security on computers running these operating systems or as a reference on the job.

The six parts of this book are as follows:

• Part 1, “Applying Key Principles of Security” provides an overview for thinking about security on a daily basis. Part 1 also introduces some of the fundamental challenges of managing security and provides guidance on how to overcome them.

• Part 2, “Securing Active Directory” provides information on the security of the Active Directory directory service—from handling design issues associated with forests and domains to controlling access to objects and attributes. Part 2 has detailed information on how to secure accounts and authentication—the two central components of security in Windows Server 2003, Windows 2000, and Windows XP. Part 2 also describes how you can use Group Policy to increase the security of networks that use Active Directory.

• Part 3, “Securing the Core Operating System” provides detailed information on how to increase the security of Windows Server 2003, Windows 2000, and Windows XP. Part 3 also discusses how to better secure applications, such as Microsoft Office System 2003, Microsoft Office XP, and Microsoft Internet Explorer, as well as mobile devices.

• Part 4, “Securing Common Services” describes how to secure common services that run on Windows Server 2003 and Microsoft Windows 2000 Server, including Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), Windows Internet Name Service (WINS), Terminal Services, Certificate Services, Routing and Remote Access Service (RRAS), and Microsoft Internet Information Services 6.0.

• Part 5, “Managing Security Updates” includes detailed information on the process of managing security updates, including service packs, software updates, and hotfixes, and discusses strategies for deploying security updates. Part 5 also describes techniques for assessing the security of computers running Windows Server 2003, Windows 2000, and Windows XP.

• Part 6, “Planning and Performing Security Assessments and Incident Responses” provides detailed explanations of security assessments, including vulnerability scanning, IT audits, and penetration testing, and discusses how each can be used to assess the security of your network. Part 6 also provides information on how to design an incident response procedure and introduces methods for investigating security incidents.

Resource Kit Companion CD

The Microsoft Windows Security Resource Kit, Second Edition, companion CD includes a variety of tools and scripts to help you work more efficiently when implementing and managing security on computers running Windows Server 2003, Windows 2000, and Windows XP. Several of these tools are discussed in the book; however, many are not. You can find documentation for each tool in the folder in which the tool is contained. Many of these tools are from the Microsoft Windows Server 2003 Resource Kit, so they are designed to be implemented with Windows Server 2003 operating systems. Specifically, these are the tools and scripts found in the root of the SecurityRKTools folder. The companion CD also includes a fully searchable electronic version (eBook) of this book.

Resource Kit Support Policy

Microsoft Corporation does not support the tools and scripts supplied on the Microsoft Windows Security Resource Kit, Second Edition, companion CD. Microsoft does not guarantee the performance of the tools or scripting examples or of any bug fixes for these tools and scripts. However, Microsoft Press provides a way for customers who purchase the Microsoft Windows Security Resource Kit, Second Edition, to report any problems with the software and receive feedback for such issues. To report any issues or problems, send e-mail to rkinput@microsoft.com. This e-mail address is only for issues related to the Microsoft Windows Security Resource Kit, Second Edition. Microsoft Press also provides corrections for books and companion CDs through the World Wide Web at http://www.microsoft.com/learning/support/. To connect directly to the Microsoft Knowledge Base and enter a query regarding a question or issue that you have, go to http://support.microsoft.com. For issues related to the Windows operating system, please refer to the support information included with your product.

System Requirements

System Requirements for Tools and Scripts

To use the tools included on the companion CD, you’ll need to have installed Micros-fot Windows Server 2003, Windows 2000, or Windows XP.

Recommended System Requirements for the eBook

The following system configuration is recommended for the best viewing experience with Microsoft Press eBooks:

• Microsoft Windows 2003, Windows 2000, or Windows XP

• Pentium II (or similar) with 266-megahertz (MHz) or higher processor

• 64 megabytes (MB) of RAM

• 8× or faster CD-ROM drive

• 800×600 display settings with high-color (16-bit)

• Microsoft Internet Explorer 5.5 or later