Windows security monitoring : scenarios and patterns

Published
Indianapolis, IN : John Wiley & Sons, Inc., [2018].
Status
Available Online

Description

Dig deep into the Windows auditing subsystem to monitor for malicious activities and enhance Windows system security

Written by a former Microsoft security program manager, DEFCON "Forensics CTF" village author and organizer, and CISSP, this book digs deep into the Windows security auditing subsystem to help you understand the operating system's event logging patterns for operations and changes performed within the system. Expert guidance brings you up to speed on Windows auditing, logging, and event systems to help you exploit the full capabilities of these powerful components. Scenario-based instruction provides clear illustration of how these events unfold in the real world. From security monitoring and event patterns to deep technical details about the Windows auditing subsystem and components, this book provides detailed information on security events generated by the operating system for many common operations such as user account authentication, Active Directory object modifications, local security policy changes, and other activities.

This book is based on the author's experience and the results of his research into Microsoft Windows security monitoring and anomaly detection. It presents the most common scenarios people should be aware of to check for any potentially suspicious activity.

Learn to:

  • Implement the Security Logging and Monitoring policy
  • Dig into the Windows security auditing subsystem
  • Understand the most common monitoring event patterns related to operations and changes in the Microsoft Windows operating system

About the Author

Andrei Miroshnikov is a former security program manager with Microsoft. He is an organizer and author for the DEFCON security conference "Forensics CTF" village and has been a speaker at Microsoft's Bluehat security conference. In addition, Andrei is an author of the "Windows 10 and Windows Server 2016 Security Auditing and Monitoring Reference" and multiple internal Microsoft security training documents. Among his many professional qualifications, he has earned the (ISC)2 CISSP and Microsoft MCSE: Security certifications.

More Details

Format
Language
English
ISBN
9781119390879, 1119390877, 9781119390909, 1119390907, 9781119390893, 1119390893

Notes

General Note
Includes index.
Bibliography
Includes bibliographical references and index.
Description
With expert guidance to bring you up to speed on Windows auditing, logging, and event systems to help you exploit the full capabilities of these powerful components, this book offers scenario-based instruction providing clear illustration of how these events unfold in the real world. -- Edited summary from book.
Local note
O'Reilly O'Reilly Online Learning: Academic/Public Library Edition

Citations

APA Citation, 7th Edition (style guide)

Miroshnikov, A. (2018). Windows security monitoring: scenarios and patterns. John Wiley & Sons, Inc.

Chicago / Turabian - Author Date Citation, 17th Edition (style guide)

Miroshnikov, Andrei. 2018. Windows Security Monitoring: Scenarios and Patterns. Indianapolis, IN: John Wiley & Sons, Inc.

Chicago / Turabian - Humanities (Notes and Bibliography) Citation, 17th Edition (style guide)

Miroshnikov, Andrei. Windows Security Monitoring: Scenarios and Patterns. Indianapolis, IN: John Wiley & Sons, Inc, 2018.

Harvard Citation (style guide)

Miroshnikov, A. (2018). Windows security monitoring: scenarios and patterns. Indianapolis, IN: John Wiley & Sons, Inc.

MLA Citation, 9th Edition (style guide)

Miroshnikov, Andrei. Windows Security Monitoring: Scenarios and Patterns. John Wiley & Sons, Inc., 2018.

Note! Citations contain only title, author, edition, publisher, and year published. Citations should be used as a guideline and should be double checked for accuracy. Citation formats are based on standards as of August 2021.
