Although not well known, Microsoft Windows has the best security of any popular operating system in the world today. What Windows has is poor default security. There are specific steps any professional can take to significantly increase the security of Microsoft Windows. Unfortunately, most books and the news media keep reinforcing the failed, traditional recommendations of firewalls, antivirus scanners, and end user education. Those defenses have failed and will always fail. The reason why the traditional advice fails is that most defenses and courses concentrate on defending PCs against the motivated hacker, when 99 of the attacks (and 100 of the popular attacks) are caused by malicious viruses, worms, and trojans. Defending against these mobile threats calls for specific tasks that when implemented, defeat most threats, no matter the brand of firewall or virus scanner you've purchased. Better, yet, most of the good defenses are free, included with Windows (just not implemented correctly).

This book:

• Shows how to improve Windows desktop and server security by configuring default security before installing off-the-shelf security products
• Educates readers about the most significant security threats, building the ultimate defense, operating system hardening, application security, and automating security
• As a security consultant, the author has an impressive record-of his clients, not one who followed his recommendations has suffered a virus, worm, Trojan, or successful hacker attack in the past five years

About the Author

Roger A. Grimes (CPA, CISSP, MCSE: Security, MVP, CEH, CHFI, TICSA) is a 20-year computer security consultant, writer, and teacher. He has written over a 150 national magazine articles on computer security, and this is his fifth book on Microsoft Windows security. He has consulted for many of the world's best-known enterprises (including McAfee, Microsoft, Verisign, and IBM), multiple universities, cities and school systems, plus every branch of the U.S. armed forces. He is currently a highly rated instructor teaching Windows and Linux security in Foundstone's Ultimate Hacking classes. He has presented at many of the industry's largest conferences, including MCP TechMentor, Windows Connections, and SANS. He was a contributing editor for Windows IT Pro magazine, and is the security columnist for InfoWorld magazine. He has written several advanced security courses, including for Microsoft. He is a three-year recipient of Microsoft's Most Valuable Professional (MVP) award.