Windows Security Internals: A Deep Dive into Windows Authentication, Authorization, and Auditing

The provided Book from "Windows Security Internals: A Deep Dive into Windows Authentication, Authorization, and Auditing" explores the inner workings of Windows security mechanisms, primarily focusing on how PowerShell can be used to examine and manipulate these features. The initial chapter covers setting up a PowerShell testing environment and introduces fundamental PowerShell concepts. Subsequent sections investigate core Windows kernel components like the object manager, security reference monitor (SRM), process and thread management, and memory management, all through the lens of PowerShell interaction. The text further examines user-mode applications, including API interactions, process creation, and the Windows registry, again emphasizing how PowerShell can provide insights. Finally, the text scrutinizes security descriptors, access control lists, access tokens, and the access check process, demonstrating how PowerShell can be employed to understand and audit these critical security elements.You can listen and download our episodes for free on more than 10 different platforms:https://linktr.ee/cyber_security_summaryGet the Book now from Amazon:https://www.amazon.com/Windows-Security-Internals-PowerShell-Authentication/dp/1718501986?&linkCode=ll1&tag=cvthunderx-20&linkId=78ea397b45d7fd362a047d09886a83a8&language=en_US&ref_=as_li_ss_tlDiscover our free courses in tech and cybersecurity, Start learning today:https://linktr.ee/cybercode_academy

There are no comments yet.

Please log in to write the first comment.