Microsoft Windows Security Fundamentals

For Windows 2003 SP1 and R2


  • Jan De Clercq, Senior Consultant, HP Consulting and Integration, Hewlett-Packard Company, Belgium
  • Guido Grillenmeier, Senior Consultant within the Enterprise Microsoft Services Organization at Hewlett Packard

This is the first of two books serving as an expanded and up-dated version of Windows Server 2003 Security Infrastructures for Windows 2003 Server R2 and SP1 & SP2. The authors choose to encompass this material within two books in order to illustrate the intricacies of the different paths used to secure MS Windows server networks. Since its release in 2003 the Microsoft Exchange server has had two important updates, SP1 and SP2. SP1, allows users to increase their security, reliability and simplify the administration of the program. Within SP1, Microsoft has implemented R2 which improves identity and access management across security-related boundaries. R2 also improves branch office server management and increases the efficiency of storage setup and management. The second update, SP2 minimizes spam, pop-ups and unwanted downloads. These two updated have added an enormous amount of programming security to the server software.
View full description


• IT Specialists and Solution Architects involved in the planning and design of a Windows Server 2003 infrastructure. • Windows consultants that want to understand at a deep level how security in Windows Server 2003 works.• Security Consultants that want to get a clear view on Microsoft OS security.• IT Managers that want to develop a vision around the security of their Windows Server 2003 infrastructure.


Book information

  • Published: October 2006
  • Imprint: DIGITAL PRESS
  • ISBN: 978-1-55558-340-8

Table of Contents

Book Part 1: Windows Security FundamentalsPart 1: IntroductionChapter 1: The Challenge of Trusted Security Infrastructures Chapter 2: Windows Security Authorities and PrincipalsChapter 3: Trust RelationshipsPart 2 AuthenticationChapter 4: Introducing Windows AuthenticationChapter 5: KerberosChapter 6: IIS AuthenticationChapter 7: Unix Authentication IntegrationChapter 8: Single Sign-onPart 3 AuthorizationChapter 9: Introducing Windows AuthorizationChapter 10: Active Directory AuthorizationChapter 11: Active Directory DelegationBook Part 2: Advanced Windows Security ServicesPart 4 Advanced Authorization TopicsChapter 12: Malicious Mobile Code ProtectionChapter 13: Rights Management ServicesPart 5 Identity ManagementChapter 14: Introducing Microsoft Identity ManagementChapter 15: Identity Management RepositoriesChapter 16: AD Federation ServicesPart 6 Public Key InfrastructureChapter 17: Introducing Windows Public Key InfrastructureChapter 18: Windows PKI TrustChapter 19: The Certificate LifecycleChapter 20: Building a Windows Server 2003 Public Key Infrastructure Chapter 21: PKI-enabled applicationsPart 7 Security ManagementChapter 22: Security Policy ManagementChapter 23: Security Patch ManagementChapter 24: Security-related AuditingChapter 25: Active Directory Disaster Recovery