ONE OF THE MORE DIFFICULT TASKS when securing any computer system or network is identifying where to start. There are many components in any computing environment. Each component is a potential point of attack. Since the operating system provides the ability for software and hardware to interact, it is a good starting point for securing an entire environment. On any computer, the operating system enables software to access physical resources. For example, it is the operating system that governs how any application actually reads from, or writes to, a physical disk. Consequently, the operating system is a prime candidate for attack and a valuable resource to protect.

From an attacker’s point of view, a compromised operating system provides easy access to protected information and resources. Compromising operating system controls gives the attacker the ability to remove evidence of attacks and “clean up” any leftover log entries or other traces of the attack. A secure operating system is the basis of a secure environment.

In this chapter, you will learn about the Windows operating system architecture and controls to ensure system security. You will also learn how attackers search for, identify, and exploit operating system vulnerabilities. With the knowledge of how attackers operate, you’ll be able to select and implement the right controls to secure your environment.