Average Customer Review:
Write an online review and share your thoughts with other customers.
Not for Beginners Jul 15, 2004
Cox & Sheldon take a lot for granted - Their book is great if you're studying for the MCSE or have any kind of networking background but if you're new to group policy, domains and OUs and the like, then it's likely going to be a struggle to read. I gave the book 5 stars because eventually, through hands on, self-taught trial & error on my own system, I was able to master some of the basic security concepts. If you're a lazy n00b and you don't have any kind of initiative or a mentor, then don't waste your time or money with the book.
1 of 1 found the following review helpful:
Authoritative, Readable... even Engaging! Jul 24, 2002
Can you imagine a book on Operating System Security actually being a good read? This one is just that!
As a SQL Database guy finishing up my MCSE 2000 with the "Win2K Security Design - 70-220" exam, I sought, and found, a resource to solidify and integrate all of the Win2K security concepts covered in earlier exams. I sought a book that was very readable, and I was willing to allow that, by itself, it need not be completely exhaustive as a MCSE exam #70-220 study guide.
Bottom Line: This book was a home run for me. My comfort level with concepts of IPSec, PKI, EFS, threat types, auditing and firewalls has risen remarkably. On the down side, the book is relatively basic and the fairly lengthy coverage of Active Directory, group policies, etc., may be overly ambitious for this book, and is probably better learned elsewhere in a dedicated AD book. In a larger sense, however, this book really delivered the goods, as specified above.Now I need to identify another resource with which to complete my Security Design studies.
As a sidebar, I have found the first 75 pages of Coriolis' "Exam Cram: Win2K Security Design" to be so full of wordy fluff-speak as to abandon it.
10 of 10 found the following review helpful:
 An unapologetic and complete look at Windows 2000 security Sep 01, 2001
I am a senior engineer for network security operations. I read the Windows 2000 Security Handbook (W2KSH) to learn how to advise clients on improving the survivability of their Windows 2000 platforms. Like its predecessor, Tom Sheldon's excellent "Windows NT Security Handbook," W2KSH delivers practical content in a digestable format. I recommend Windows 2000 system administrators read and heed this book.
Good operating system security books are thorough, educational, and honest; W2KSH is all three. The authors are not mindless Microsoft prophets -- consider this sample from page 501: "It seems that Microsoft just does not get it when it comes to the need for robust auditing/logging of services... the logging configurations are totally inadequate." To deal with these and other deficiencies, W2KSH provides installation, configuration, and deployment recommendations. This advice, on topics like Active Directory, user and group management, and file systems, equips system administrators to survive hostile network environments.
As an intrusion detector, I was most happy to read how the Microsoft security model operates, and what components present the greatest vulnerabilities. I appreciated explanations of system and discretionary access control lists, and how to effectively employ them. I learned Microsoft includes Web, FTP, SMTP, and NNTP features in Internet Information Service (IIS). I also became aware of best practices for secure deployment of a Microsoft infrastructure.
W2KSH has a few problems. Like Microsoft products, its "backwards compatibility" revealed weaknesses. For example, some text was lifted directly from Shelton's earlier book, but necessary background material was omitted (see pages 86, 88-90, 148). This issue was awkward but minor. I also did not leave the book with a strong understanding of the different types of groups in Windows 2000. Such complexity is not the authors' fault. They show that the OS' dozens of options leaves plenty of room for misconfiguration, leading to compromise.
If you're familiar with general security practices, skip Part I (TCP/IP, threats, countermeasures, and policies). I recommend the authors mention these topics briefly in the introduction and move the bulk to appendices. Start with Part II, and keep your highlighter handy. W2KSH gives balanced insight into the workings of Windows 2000, and helps system administrators and security personnel better understand the opportunities and liabilities of running this operating system.
4 of 4 found the following review helpful:
Major Kudos for an Outstanding Resource Jul 06, 2001
I've read many books on Windows NT and Windows 2000 security. Most did not live up to my expectations. They were difficult to read and you needed a Computer Science/Engineering degree to understand them. In my opinion, this book is THE best book on Windows 2000 Security. Mr Cox and Mr Sheldon wrote a very easy to read, easy to understand, and most importantly, an easy to follow recipe for securing your Win2K systems. This book should be in every adminstrator's library. If you don't have this book, you deserve to be hacked! I teach system security, and this book is a valuable tool and resource, not just for me, but for my students. This is money well spent!...
3 of 3 found the following review helpful:
Review of book "Windows 2000 Security Handbook" Feb 20, 2001
The "Windows 2000 Security Handbook" is an excellent book! Not only is it a good book to learn the nitty-gritty details of Win2K OS and network security, but the first section of the book is a great overview of security in general (Win2k and non-Win2K). For someone who is just getting involved with Win2K security, the book is a must. It has both a good theoretical and practical focus; not only do you get the explanations of of the various Win2K security elements, but you get a step by step guide on how to configure each one. The book is also an excellent reference for those already experienced in Win2K. Very comprehensive and well organized.
|
