Windows(R) XP Professional Security

Chris Weber is a Security Consultant at Foundstone. Mr. Weber is adept in many facets of Information Technology and secure network computing. He has performed numerous ethical hacking tests, security architecture reviews, and secure application analyses. Prior to Foundstone, Mr. Weber worked for VisionAir, performing enterprise network assessments and mission critical system implementations for some of the largest Police and Sheriff departments in the USA. Mr. Weber's public work includes course development and advisory board membership at the SANS Institute. He has also been a security tutorial honoraria speaker at the USENIX 10th Annual Security Symposium in 2001, and a co-instructor at Computer Security Institute's 2001 Network Security conference in New Orleans. Gary Bahadur, co-founder and Chief Information Officer of Foundstone Inc, has been providing security consulting and training services to Foundstone's clients for the past two years and implements the technical infrastructure necessary provide services to Foundstone's clients. Prior to starting Foundstone with his partners, Mr. Bahadur performed security consulting and training services for Fortune 500 companies at Price Waterhouse and Ernst & Young. Mr. Bahadur has been involved with numerous ethical hacking tests and network reviews covering various firewalls, UNIX, Windows NT, Novell networks, Web servers, Internet connectivity and SAP security during the past 7 years. Mr. Bahadur has helped develop the methodologies for network security reviews and security classes. He is a frequent speaker at security conferences and writes for a number of security related publications including Information Security Magazine and SysAdmin Magazine. Mr. Bahadur holds a Bachelor of Science degree in Information Systems / Finance from New York University and is a Certified Information Systems Security Professional (CISSP).

Part I: Securing the Operating System 1: Security Settings 2: SAFER Software Restriction Policies 3: Registry Security 4: File System Security 5: Operating System Enhancements 6: User and Group Management and Authorization Part II: Network Security 7: IP Security 8: Firewalls 9: Wireless Networking Security 10: Remote Administration and Patch Management Part III: Active Directory, .NET Framework, and Internet Services 11: Active Directory and Group Policy 12: .NET Framework for Administration 13: Internet Services Part IV: Preparing for the Worst 14: Penetration Testing 15: Incident Response Appendix: Default and Recommended Security Settings