PacktLib: Least Privilege Security for Windows 7, Vista and XP

Least Privilege Security for Windows 7, Vista and XP

Credits

About the Author

About the Reviewers

Preface

An Overview of Least Privilege Security in Microsoft Windows

What is privilege?

What is Least Privilege Security?

Least Privilege Security in Windows

Advanced Least Privilege Security concepts

Least Privilege Security in the real world

Benefits of Least Privilege Security on the desktop

What problems does Least Privilege Security not solve?

Common challenges of Least Privilege Security on the desktop

Least Privilege and your organization's bottom line

Summary

Political and Cultural Challenges for Least Privilege Security

Company culture

Getting support from management

User acceptance

Applying Least Privilege Security throughout the enterprise

Managing expectations

Maintaining flexibility

User education

Summary

Solving Least Privilege Problems with the Application Compatibility Toolkit

Quick compatibility fixes using the Program Compatibility Wizard

Achieving application compatibility in enterprise environments

Summary

User Account Control

User Account Control components

The shield icon

User Account Control access token model

Conveniently elevating to admin privileges

Summary

Tools and Techniques for Solving Least Privilege Security Problems

Granting temporary administrative privileges

Bypassing user account control for selected operations

Configuring applications to run with elevated privileges on-the-fly

Solving LUA problems with Avecto Privilege Guard

Suppressing unwanted User Account Control prompts

Setting permissions on files and registry keys

Fixing problems with the HKey Classes Root registry hive

Mapping .ini files to the registry

Using LUA Buglight to identify file and registry access violations

Summary

Software Distribution using Group Policy

Installing software using Group Policy

Summary

Managing Internet Explorer Add-ons

ActiveX controls

Managing add-ons

Summary

Supporting Users Running with Least Privilege

Providing support

Troubleshooting using remote access

Enabling and using command-line remote access tools

Enabling and using graphical remote access tools

Configuring Windows Firewall to allow remote access

Summary

Deploying Software Restriction Policies and AppLocker

Controlling applications

Implementing Software Restriction Policy

AppLocker

Summary

Least Privilege in Windows XP

Installing Windows XP using the Microsoft Deployment Toolkit

Windows XP security model

CD burning

ActiveX controls

Changing the system time and time zone

Power management

Managing network configuration

Identifying LUA problems using Standard User Analyzer

Summary

Preparing Vista and Windows 7 for Least Privilege Security

The Application Compatibility Toolkit

Creating a Data Collection Package

Printers and Least Privilege Security

Logon scripts

Why do a desktop refresh from a technical perspective?

Different methods of reinstalling Windows

Reinstall Vista or Windows 7 with Least Privilege Security

Summary

Provisioning Applications on Secure Desktops with Remote Desktop Services

Introducing Remote Desktop Services

Summary

Balancing Flexibility and Security with Application Virtualization

Microsoft Application Virtualization 4.5 SP1 for Windows desktops

VMware ThinApp

Summary

Deploying XP Mode VMs with MED-V

Solving least privilege security problems using virtual machines

Microsoft Enterprise Desktop Virtualization (MED-V)

Summary