Microsoft's Solutions for Security team has released a new guide, "Securing Windows 2000 Server." The guide, published February 17, consists of 11 chapters of information and includes three supplemental guides for testing, delivery, and support readiness. The supplemental material also includes scripts, test cases, and numerous documents that Microsoft calls "job aids." The job aids are documents that help plan security strategy and implementation, training, communications, change requests, project management, and more.
Michael Howard of Microsoft's Secure Windows Initiative team and author of the book "Writing Secure Code," said the guide is "the first of several prescriptive security solutions planned for release this year. These new security solutions are designed to provide customers with authoritative, proven, and tested solutions that address today's security challenges and business requirements."
The main 11 chapters of the guide cover a wide array of information, including how to define the security landscape, understanding risk management, applying risk management, securing a domain infrastructure, hardening the base Win2K installation, hardening specific server roles, patch management, auditing and intrusion detection, and incident response.
You can download the guide package (5735KB) from Microsoft's Web site as a self-extracting executable. If you wonder what the self-extracting executable might contain then simply open the downloaded .exe file with a tool such as WinZip or WinRAR to inspect and extract the content.