[ISN] REVIEW: "Microsoft Windows NT 4.0 Security, Audit, and Control",

From: cult hero (jerichoat_private)
Date: Tue May 25 1999 - 23:03:24 PDT

Next message: cult hero: "[ISN] LCI Intros SMARTpen Biometric Signature Authentication"

Previous message: cult hero: "[ISN] Slip of the Tongue Lightens up Encryption Hearing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Forwarded From: "Rob Slade" <rsladeat_private>

BKWNTSAC.RVW   990409

"Microsoft Windows NT 4.0 Security, Audit, and Control", James G.
Jumes et al, 1999, 1-57231-818-X, U$49.99/C$71.99/UK#45.99
%A   James G. Jumes
%A   Neil F. Cooper
%A   Paula Chamoun
%A   Todd M. Feinman
%C   1 Microsoft Way, Redmond, WA   98052-6399
%D   1999
%G   1-57231-818-X
%I   Microsoft Press
%O   U$49.99/C$71.99/UK#45.99 800-6777377 fax: 206-936-7329
%P   318 p.
%S   Technical Reference
%T   "Microsoft Windows NT 4.0 Security, Audit, and Control"

The primary audience described in the introduction seems to be security
professionals.  However, system administrators, technology managers, and
CIOs are mentioned as well.  The attempt at breadth of coverage usually
does not bode well in works like these. 

Chapter one discusses an information security model based upon the
business (and other) objectives of the institution in question.  While
valid as far as it goes, and even possibly helpful when formulating
security policy, this by no means provides a structure from which to view
either security policy or procedures, let alone implement a complex set of
controls.  The widget company, beloved of management writers, is described
in chapter two.  For the purposes of assessing security in real world
working environments, this particular widget company seems to be
astoundingly simple and homogeneous. 

Chapter three starts out talking reasonably about security policy, starts
to get flaky in risk assessment (I would definitely worry about a .45
chance of an earthquake), and tails off into trivia. Monitoring, in
chapter four, looks first at system performance and diagnostics, and then
gets into event logging without really going into the concepts.  Many
areas of physical security are left uncovered in chapter five.  Chapter
six discusses domains, trust relationships, and remote access permissions. 
Dialogue boxes for user accounts and groups are listed in chapter seven. 
There is some mention of the commonly "received wisdom" in regard to these
topics, as there is in chapter eight regarding account policies, but
nothing very significant.  File system, share, and other resource control
is covered in chapter nine.  Chapter ten is a bit of a grab bag without
much focus.  The registry is reviewed in chapter eleven.  Chapter twelve
looks briefly at power supplies and backups.  Although it talks about
auditing, chapter thirteen is more of a checklist of security features to
think about.  Appendix A is a bit better in this regard:  it lists
recommended settings across a number of functions for six different types
of systems. 

There is some discussion of options as the various functions are
addressed, so, in a sense, this is a start towards full coverage of NT
security.  It has a long way to go, though.  In addition, the deliberation
comes at the cost of a loss of some detail in terms of security
implementation. 

-o-
Subscribe: mail majordomoat_private with "subscribe isn".
Today's ISN Sponsor: OSAll [www.aviary-mag.com]

Next message: cult hero: "[ISN] LCI Intros SMARTpen Biometric Signature Authentication"
Previous message: cult hero: "[ISN] Slip of the Tongue Lightens up Encryption Hearing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:23:45 PDT