Contents

Introduction

Phase 1: The Grunt Work of Security

Task 1.1: Performing an Initial Risk Assessment

Task 1.2: Determining Which Security Policy Is Most Important

Task 1.3: Establishing a User-Awareness Program

Task 1.4: Reviewing a Physical-Security Checklist

Task 1.5: Understanding the Value of Documents

Phase 2: Hardening Systems

Task 2.1: Managing Services

Task 2.2: Managing Ports

Task 2.3: Patching the Operating System

Task 2.4: Security Templates

Task 2.5: Securing Autoruns

Task 2.6: Securing Hardware Devices

Task 2.7: Virtualization

Task 2.8: Locking the Computer Using an Idle Time-out

Phase 3: Malicious Software

Task 3.1: Installing, Updating, and Running Antivirus Software

Task 3.2: Using a Rootkit Checker

Task 3.3: Adware

Task 3.4: Using a Spyware Checker

Task 3.5: Malicious Software Removal Tool

Task 3.6: McAfee Site Advisor

Task 3.7: ARP Poisoning with Cain & Abel

Task 3.8: Attacking Authentication with Firesheep

Phase 4: Secure Storage

Task 4.1: The Encrypting File System

Task 4.2: EFS Data Recovery

Task 4.3: Implementing Syskey

Task 4.4: Converting FAT to NTFS

Task 4.5: Implementing Disk Fault Tolerance with RAID

Task 4.6: Backing Up Data

Task 4.7: Restoring Data from a Backup

Task 4.8: Securing Shares

Task 4.9: BitLocker Drive Encryption

Task 4.10: Securing Data to Satisfy FIPS 140-2 Using PGP Desktop

Phase 5: Managing User Accounts

Task 5.1: Creating User Accounts

Task 5.2: Implementing the Password Policy

Task 5.3: Auditing Logons

Task 5.4: Securing the Default User Accounts

Task 5.5: Implementing a Deny Group

Phase 6: Network Security

Task 6.1: Deploying IPSec

Task 6.2: Configuring the VPN Server

Task 6.3: Configuring the VPN Client

Task 6.4: Implementing Secure Remote Administration

Task 6.5: Secure Administration Using Run As

Task 6.6: Configuring a Packet Filter

Task 6.7: Implementing 802.11 Wireless Security

Task 6.8: Implementing an IPSec VPN Using AES

Task 6.9: Implementing a Personal Firewall

Phase 7: Securing Internet Activity

Task 7.1: Configuring Internet Access

Task 7.2: Using Internet Explorer Security Zones

Task 7.3: Configuring IE for Secure Use of Cookies

Task 7.4: Using Internet Connection Sharing

Task 7.5: Securing Email

Task 7.6: Spam Management

Task 7.7: Installing and Using a Digital Certificate

Task 7.8: Certificate Backup and Management

Task 7.9: Performing Secure File Exchange

Task 7.10: Validating Downloads and Checking the Hash

Task 7.11: Logging and Recording Internet Activity

Task 7.12: Using HTTPS to Encrypt Web Traffic

Task 7.13: Using Force-TLS to Add Security to Web Browsing

Phase 8: Security Testing

Task 8.1: Penetration Testing with Nessus

Task 8.2: Penetration Testing with Retina

Task 8.3: Performing Assessments with MBSA

Task 8.4: Performing Security Assessments with IT Shavlik

Task 8.5: Performing Internet Vulnerability Profiling

Task 8.6: Tracking Hostile IPs

Task 8.7: Investigating Netcat

Task 8.8: Exploiting Vulnerabilities with Metasploit

Phase 9: Investigating Incidents

Task 9.1: Configuring an Audit Policy for Object Access

Task 9.2: Reviewing the Audit Logs

Task 9.3: Forcing a Memory Dump

Task 9.4: Capturing Packets with the Packet Analyzer: Wireshark

Task 9.5: Recovering Previous Versions of Files

Task 9.6: Recovering Deleted Content from the File System

Phase 10: Security Troubleshooting

Task 10.1: Booting into Safe Mode

Task 10.2: Implementing Last Known Good Configuration

Task 10.3: Using System Restore

Task 10.4: Sanitizing Media

Task 10.5: Implementing a Host-Based Intrusion Detection System

Index