[Book Review] Windows Security Essentials

Every asset in an organization always has risk. That is my first mind set when starting to read this book. The challenge is to minimize the risk and maintain its level to a level where we can handle it. One way to minimize risk is implementing security controls. It should be applied as a holistic security. Holistic security covers people, processes and technology elements where our systems or applications are. It also include physical place where our hardware are placed.

If you have system(s) running on Windows, you can read this book, Windows Security Essentials. This book covers the basic of security in a Microsoft environment. Some interesting topics in this book are

Understanding how risk and threat impact security principles

Recognizing malware in all its forms

Defending against social engineering attacks

Identifying the three aspects of user authentication

Securing access using NTFS permissions

Protecting clients, servers, and networks

Understanding encryption, certificates and PKIs

The one thing I like from this book is about understanding risk and hardening our system. It explaining from the basic with explanation that is easy to understand. I get more knowledge about NTFS and how to secure it with permissions.