We are really happy to announce that and updated version of the Windows Threats and Countermeasures Guide is now available online at http://technet.microsoft.com/en-us/library/hh125921(WS.10).aspx . This new version cover changes in Windows Server 2008 R2 and Windows 7.

This guide consists of the following sections:

  • Threats and Countermeasures Guide: Account Policies: This section discusses the Group Policy settings that are applied at the domain level: password policies, account lockout policies, and Kerberos protocol authentication policies.
  • Threats and Countermeasures Guide: Advanced Security Audit Policy: This section discusses the use of advanced audit policy settings, which are now integrated with Group Policy to monitor and enforce your security measures. It describes the various settings, and it provides examples of how audit information is modified when the settings are changed.
  • Threats and Countermeasures Guide: User Rights: This section discusses the various logon rights and privileges that are provided by the Windows 7 and Windows Server 2008 R2 operating systems, and it provides guidance about which accounts should be assigned these rights.
  • Threats and Countermeasures Guide: Security Options: This section provides guidance about security settings for digital data signatures, Administrator and Guest account names, drive access, driver installation behavior, and logon prompts.
  • Threats and Countermeasures Guide: Event Log: This section provides guidance about how to configure the settings that relate to the various event logs on computers running Windows Server 2008 R2 or Windows 7.
  • Threats and Countermeasures Guide: System Services: Windows Server 2008 R2 and Windows 7 include a variety of system services. Many of these services are configured to run by default, but others are not present unless you install specific components. This section describes the various services included with the operating systems so that you can best decide which ones to leave enabled and which ones can be safely disabled.
  • Threats and Countermeasures Guide: Software Restriction Policies: This section provides a brief overview of the Software Restriction Policy feature that is available in Windows Server 2008 R2 and Windows 7. It provides links to additional resources about how to design and use policy settings to control which applications can be used in your organization.
  • Threats and Countermeasures Guide: Application Control Policies: This section provides a brief overview of the AppLocker™ feature that is available in Windows Server 2008 R2 and Windows 7. It provides links to additional resources about how to design and use policy settings to control which applications can be used in your organization.
  • Threats and Countermeasures Guide: External Storage Devices: This section describes Group Policy settings that can be used to limit, prevent, or allow the use of external storage devices in networked computers.
  • Threats and Countermeasures Guide: Additional Resources: This section provides links to additional information sources about Windows security topics from Microsoft that you may find useful.

We hope you enjoy it !!