Windows Security Features – Introduction

Table of Contents

Windows Security Features

Objectives -1

Objectives -2

Overview -1

Overview -2

Overview of Built-in Security Features -1

Overview of Built-in Security Features -2

Notices

Windows Security Features

© 2013 Carnegie Mellon University

**001 This module I think is a fun module because it talks about some of the more interesting things--

Objectives -1

• Survey of select built-in security features in Windows such as the , anti-malware, and logging and auditing functions
• Understand purpose and use of Windows Firewall
• Understand purpose and use of Windows Defender
• Understand purpose and use of Windows Certificate Services
• Understand purpose and use of

**002 In Windows security. This is where we talk about firewalls. This is where we talk about antivirus. So, we'll discuss what some of these features are that includes such as the Windows firewall, Windows Defender to give us a little bit of antivirus, anti-malware type of capabilities. We'll talk about certificate services, how I can manage my own public key infrastructure using Windows products. We'll also look at a little bit more about what I can do with group policy editors.

Objectives -2

• Understand purpose and use of AppLocker
• Understand purpose and use of BitLocker
• Understand purpose and use of Secure Boot
• Understand purpose and use of Security Auditing
• Understand purpose and use of Security Configuration Wizard

**003 So, some other neat little features that Microsoft has available to us, an application known as AppLocker, we'll understand what AppLocker does and how it functions. We'll look at BitLocker, some of the strengths and weaknesses of BitLocker. We will discuss this idea of secure boot, making sure that cannot bypass our Windows by booting into, say, a OS and making changes to our systems. We'll discuss a little bit about auditing. And then we'll finish it up with a little bit of the security configuration wizard, what it does for us, and how we use it.

Overview -1

Overview of Built-in Security Features
• Windows Firewall
• Windows Defender
• Windows Active Directory Certificate Services
• Windows Group Policy

**004 So, the first section we're going to get into is just an overview of some of these features. After we hit the overview, then we will delve down into some of the features in a little bit more detail.

Overview -2

• Windows AppLocker
• Windows BitLocker
• Windows Secure Boot
• Windows Security Auditing
• Windows Security Configuration Wizard

**005 Right.

Overview of Built-in Security Features -1

Windows Firewall
Host-based firewall integrated into Windows operating systems
• Permit or deny traffic to pass to/from Windows
• Permit or deny applications

Windows Defender
Microsoft anti-virus and detection and removal with support for safe internet browsing

Windows Certificate Services
Manage an organization's Public Key Infrastructure (PKI)

Windows Group Policy
Central management of computers running the Windows operating system

**007 First thing, Windows firewall, you guys know what a firewall is. A firewall is primarily a filtering device. It's going to look at communications, and it's going to say these communications, based upon the policy, are allowed and authorized. So, we'll let those go on and happen. These other communications, based upon our policy, not allowed. And so we're going to stop them. We're going to filter them out.

Generally speaking, there are two different types of firewalls. There are network-based firewalls and host-based firewalls. Obviously, if it's a Windows firewall, it's going to be a firewall for our individual host machine. And we'll discuss the Windows advanced firewall, as well, and what we can do in the advanced firewall configurations.

Windows Defender is Microsoft's antivirus slash-- it should say anti-spyware or spyware detection tool that is available to us. And it also helps us so that we can do some safe Internet browsing.

We will discuss Windows certificate services, how we manage our public key infrastructure. So, we'll take a look at what the public key infrastructure is briefly and how we can set it up and maintain our own within a Windows system.

Group policy, that is probably one of the best management tools that we have to provide standardized configurations across multiple systems in our organization. It's one-stop shopping for all and configurations. So, we'll take a look at some of the things we can do with group policy.

Overview of Built-in Security Features -2

Windows AppLocker
Microsoft tool used to control access to applications

Windows BitLocker
Microsoft tool used to encrypt the entire hard drive

Windows Secure Boot
Prevents untrusted applications from manipulating the boot process

**008 AppLocker, it sure would be nice if I could restrict, based upon corporate policy, what applications people are using. And, if nothing else, this is a good tool to help us maintain our licensing agreements. Not only can we use it to help maintain our licensing agreements, we can also use it to kind of meter how often or where people are using the applications from. They might be able to use a certain application while they're in a corporate office, but if they're doing a remote activity, maybe they can't use the application.

BitLocker we're talking about drive encryption, full disk encryption. There are a host of stories out there on the Internet. And these stories all talk about a stolen laptop.

I remember I received a letter from a government agency one time saying that we've had a laptop that was stolen. And Mark, your information was on that laptop. And I would not have felt bad about it had they said but don't worry the laptop, the whole disk, was encrypted with AES, advanced encryption standard. And it used a two hundred and fifty-six bit key. Had they said we had a laptop stolen and it was encrypted, I would not have cared. But no, they said it's stolen. It's not encrypted, but hey, in the future we will fix that problem. But I was already a victim. So, BitLocker is one of the cool tools that we have available from Microsoft to do disk encryption.

And then the secure boot option, as I mentioned a minute ago, making sure we can only boot into the operating system if we are a trusted, authorized agent to do that boot process.

Notices

© 2014 Carnegie Mellon University This material is distributed by the Software Engineering Institute (SEI) only to course attendees for their own individual study. Except for the U.S. government purposes described below, this material SHALL NOT be reproduced or used in any other manner without requesting formal permission from the Software Engineering Institute at [email protected].

This material was created in the performance of Federal Government Contract Number FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. The U.S. government's rights to use, modify, reproduce, release, perform, display, or disclose this material are restricted by the Rights in Technical Data-Noncommercial Items clauses (DFAR 252-227.7013 and DFAR 252-227.7013 Alternate I) contained in the above identified contract. Any reproduction of this material or portions thereof marked with this legend must also reproduce the disclaimers contained on this slide. Although the rights granted by contract do not require course attendance to use this material for U.S. government purposes, the SEI recommends attendance to ensure proper understanding. THE MATERIAL IS PROVIDED ON AN “AS IS” BASIS, AND CARNEGIE MELLON DISCLAIMS ANY AND ALL WARRANTIES, IMPLIED OR OTHERWISE (INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR A PARTICULAR PURPOSE, RESULTS OBTAINED FROM USE OF THE MATERIAL, MERCHANTABILITY, AND/OR NON-INFRINGEMENT). CERT ® is a registered mark owned by Carnegie Mellon University.
