A comprehensive guide to administering and protecting the latest Windows 11 and Windows Server 2022 from the complex cyber threats Key Features Learn to protect your Windows environment using zero-trust and a multi-layered security approach - Implement security controls using Intune, Configuration Manager, Defender for Endpoint, and more - Understand how to onboard modern cyber-threat defense solutions for Windows clients Book Description Are you looking for the most current and effective ways to protect Windows-based systems from being compromised by intruders? This updated second edition is a detailed guide that helps you gain the expertise to implement efficient security measures and create robust defense solutions using modern technologies. The first part of the book covers security fundamentals with details around building and implementing baseline controls. As you advance, you’ll learn how to effectively secure and harden your Windows-based systems through hardware, virtualization, networking, and identity and access management (IAM). The second section will cover administering security controls for Windows clients and servers with remote policy management using Intune, Configuration Manager, Group Policy, Defender for Endpoint, and other Microsoft 365 and Azure cloud security technologies. In the last section, you’ll discover how to protect, detect, and respond with security monitoring, reporting, operations, testing, and auditing. By the end of this book, you’ll have developed an understanding of the processes and tools involved in enforcing security controls and implementing zero-trust security principles to protect Windows systems. What you will learn Build a multi-layered security approach using zero-trust concepts - Explore best practices to implement security baselines successfully - Get to grips with virtualization and networking to harden your devices - Discover the importance of identity and access management - Explore Windows device administration and remote management - Become an expert in hardening your Windows infrastructure - Audit, assess, and test to ensure controls are successfully applied and enforced - Monitor and report activities to stay on top of vulnerabilities Who this book is for If you're a cybersecurity or technology professional, solutions architect, systems engineer, systems administrator, or anyone interested in learning how to secure the latest Windows-based systems, this book is for you. A basic understanding of Windows security concepts, Intune, Configuration Manager, Windows PowerShell, and Microsoft Azure will help you get the best out of this book. Table of Contents Fundamentals of Windows Security - Building a Baseline - Hardware and Virtualization - Networking Fundamentals for Hardening Windows - Identity and Access Management - Administration and Policy Management - Deploying Windows Securely - Keeping Your Windows Client Secure - Advanced Hardening for Windows Clients - Mitigating Common Attack Vectors - Server Infrastructure Management - Keeping Your Windows Server Secure - Security Monitoring and Reporting - Security Operations - Testing and Auditing - Top 10 Recommendations and the Future “Mastering Windows Security and Hardening by Mark Dunkerley and Matt Tumbarello is a book that every Windows administrator or systems engineer needs to have in their library. This book would do well with any security professional as well. After establishing the why, Mark and Matt begin detailing the what and how of every aspect of security and Microsoft best practices, identity and access management, administration and policy management, deployment, client and server hardening, and more. While many of the concepts can be applied to older versions of Windows, they focus on the latest release of Windows 11 2022. Of note, and what makes this valuable as a resource for new and old IT/security professionals alike, is the fact that they include the other aspects of a properly hardened system. In addition, they provide future considerations so that a holistic approach can be established as part of the Windows hardening approach. This is a book well worth the read for now and for years to come.” -- Lester E. Nichols III, MSIA, CISSP, GCED, GPPA, GSEC, MCSA, CompTIA Security+ Mark Dunkerley is a cybersecurity and technology leader with over 20 years of experience working in higher education, healthcare, and Fortune 100 companies. Mark has extensive knowledge in IT architecture and cybersecurity through delivering secure technology solutions and services. He has experience in cloud technologies, vulnerability management, vendor risk management, identity and access management, security operations, security testing, awareness and training, application and data security, incident and response management, regulatory and compliance, and more. Mark holds a master's degree in business administration and has received certifications through (ISC)², AirWatch, Microsoft, CompTIA, VMware, AXELO