Windows Security Monitoring: Scenarios and Patterns

Dig deep into the Windows auditing subsystem to monitor for malicious activities and enhance Windows system security

Written by a former Microsoft security program manager, DEFCON "Forensics CTF" village author and organizer, and CISSP, this book digs deep into the Windows security auditing subsystem to help you understand the operating system's event logging patterns for operations and changes performed within the system. Expert guidance brings you up to speed on Windows auditing, logging, and event systems to help you exploit the full capabilities of these powerful components. Scenario-based instruction provides clear illustration of how these events unfold in the real world. From security monitoring and event patterns to deep technical details about the Windows auditing subsystem and components, this book provides detailed information on security events generated by the operating system for many common operations such as user account authentication, Active Directory object modifications, local security policy changes, and other activities.

This book is based on the author's experience and the results of his research into Microsoft Windows security monitoring and anomaly detection. It presents the most common scenarios people should be aware of to check for any potentially suspicious activity.

Learn to:

  • Implement the Security Logging and Monitoring policy
  • Dig into the Windows security auditing subsystem
  • Understand the most common monitoring event patterns related to operations and changes in the Microsoft Windows operating system

About the Author

Andrei Miroshnikov is a former security program manager with Microsoft. He is an organizer and author for the DEFCON security conference "Forensics CTF" village and has been a speaker at Microsoft's BlueHat security conference. In addition, Andrei is an author of the "Windows 10 and Windows Server 2016 Security Auditing and Monitoring Reference" and multiple internal Microsoft security training documents. Among his many professional qualifications, he has earned the (ISC)² CISSP and Microsoft MCSE: Security certifications.


