[ISN] REVIEW: "Microsoft Windows NT 4.0 Security, Audit, and Control",

From: cult hero (jerichoat_private)
Date: Tue May 25 1999 - 23:03:24 PDT

  • Next message: cult hero: "[ISN] LCI Intros SMARTpen Biometric Signature Authentication"

    Forwarded From: "Rob Slade" <rsladeat_private>
    BKWNTSAC.RVW   990409
    "Microsoft Windows NT 4.0 Security, Audit, and Control", James G.
    Jumes et al, 1999, 1-57231-818-X, U$49.99/C$71.99/UK#45.99
    %A   James G. Jumes
    %A   Neil F. Cooper
    %A   Paula Chamoun
    %A   Todd M. Feinman
    %C   1 Microsoft Way, Redmond, WA   98052-6399
    %D   1999
    %G   1-57231-818-X
    %I   Microsoft Press
    %O   U$49.99/C$71.99/UK#45.99 800-6777377 fax: 206-936-7329
    %P   318 p.
    %S   Technical Reference
    %T   "Microsoft Windows NT 4.0 Security, Audit, and Control"
    The primary audience described in the introduction seems to be security
    professionals.  However, system administrators, technology managers, and
    CIOs are mentioned as well.  The attempt at breadth of coverage usually
    does not bode well in works like these. 
    Chapter one discusses an information security model based upon the
    business (and other) objectives of the institution in question.  While
    valid as far as it goes, and even possibly helpful when formulating
    security policy, this by no means provides a structure from which to view
    either security policy or procedures, let alone implement a complex set of
    controls.  The widget company, beloved of management writers, is described
    in chapter two.  For the purposes of assessing security in real world
    working environments, this particular widget company seems to be
    astoundingly simple and homogeneous. 
    Chapter three starts out talking reasonably about security policy, starts
    to get flaky in risk assessment (I would definitely worry about a .45
    chance of an earthquake), and tails off into trivia. Monitoring, in
    chapter four, looks first at system performance and diagnostics, and then
    gets into event logging without really going into the concepts.  Many
    areas of physical security are left uncovered in chapter five.  Chapter
    six discusses domains, trust relationships, and remote access permissions. 
    Dialogue boxes for user accounts and groups are listed in chapter seven. 
    There is some mention of the commonly "received wisdom" in regard to these
    topics, as there is in chapter eight regarding account policies, but
    nothing very significant.  File system, share, and other resource control
    is covered in chapter nine.  Chapter ten is a bit of a grab bag without
    much focus.  The registry is reviewed in chapter eleven.  Chapter twelve
    looks briefly at power supplies and backups.  Although it talks about
    auditing, chapter thirteen is more of a checklist of security features to
    think about.  Appendix A is a bit better in this regard:  it lists
    recommended settings across a number of functions for six different types
    of systems. 
    There is some discussion of options as the various functions are
    addressed, so, in a sense, this is a start towards full coverage of NT
    security.  It has a long way to go, though.  In addition, the deliberation
    comes at the cost of a loss of some detail in terms of security
    Subscribe: mail majordomoat_private with "subscribe isn".
    Today's ISN Sponsor: OSAll [www.aviary-mag.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:23:45 PDT