[techbooks] REVIEW: "Microsoft Windows NT 4.0 Security, Audit, and Control",
- BKWNTSAC.RVW 990409
"Microsoft Windows NT 4.0 Security, Audit, and Control", James G.
Jumes et al, 1999, 1-57231-818-X, U$49.99/C$71.99/UK#45.99
%A James G. Jumes
%A Neil F. Cooper
%A Paula Chamoun
%A Todd M. Feinman
%C 1 Microsoft Way, Redmond, WA 98052-6399
%I Microsoft Press
%O U$49.99/C$71.99/UK#45.99 800-6777377 fax: 206-936-7329
%P 318 p.
%S Technical Reference
%T "Microsoft Windows NT 4.0 Security, Audit, and Control"

The primary audience described in the introduction seems to be
security professionals. However, system administrators, technology
managers, and CIOs are mentioned as well. The attempt at breadth of
coverage usually does not bode well in works like these.

Chapter one discusses an information security model based upon the
business (and other) objectives of the institution in question. While
valid as far as it goes, and even possibly helpful when formulating
security policy, this by no means provides a structure from which to
view either security policy or procedures, let alone implement a
complex set of controls. The widget company, beloved of management
writers, is described in chapter two. For the purposes of assessing
security in real world working environments, this particular widget
company seems to be astoundingly simple and homogeneous.

Chapter three starts out talking reasonably about security policy,
starts to get flaky in risk assessment (I would definitely worry about
a .45 chance of an earthquake), and tails off into trivia.

Monitoring, in chapter four, looks first at system performance and
diagnostics, and then gets into event logging without really going
into the concepts. Many areas of physical security are left uncovered
in chapter five. Chapter six discusses domains, trust relationships,
and remote access permissions. Dialogue boxes for user accounts and
groups are listed in chapter seven. There is some mention of the
commonly "received wisdom" in regard to these topics, as there is in
chapter eight regarding account policies, but nothing very
significant. File system, share, and other resource control is
covered in chapter nine. Chapter ten is a bit of a grab bag without
much focus. The registry is reviewed in chapter eleven. Chapter
twelve looks briefly at power supplies and backups. Although it talks
about auditing, chapter thirteen is more of a checklist of security
features to think about. Appendix A is a bit better in this regard:
it lists recommended settings across a number of functions for six
different types of systems.

There is some discussion of options as the various functions are
addressed, so, in a sense, this is a start towards full coverage of NT
security. It has a long way to go, though. In addition, the
deliberation comes at the cost of a loss of some detail in terms of

copyright Robert M. Slade, 1999 BKWNTSAC.RVW 990409
http://victoria.tc.ca/techrev or http://sun.soci.niu.edu/~rslade