• AppLocker
  
  AppLocker is a new feature in Windows 7 and Windows Server 2008 R2 that provides access control for applications.
  
  
• Authorization Manager
  
  Authorization Manager is a Microsoft Management Console (MMC) snap-in that can help provide effective control of access to resources.
  
  
• BitLocker Drive Encryption
  
  BitLocker allows you to encrypt all data stored on the Windows operating system volume and configured data volumes, and by using a Trusted Platform Module (TPM), it can also help ensure the integrity of early startup components.
  
  
• Encrypting File System
  
  Encrypting File System (EFS) is a core encryption technology that enables you to encrypt files stored on NTFS volumes.
  
  
• Kerberos
  
  Kerberos is an authentication mechanism used to verify the identity of a user or host.
  
  
• Security Auditing
  
  Security auditing is one of the most powerful tools to help maintain the security of your system. Auditing should identify attacks, either successful or not, that pose a threat to your network, or attacks against resources that you have determined to be valuable in your risk assessment.
  
  
• Security Configuration Wizard
  
  Security Configuration Wizard (SCW) is an attack-surface reduction tool that guides administrators in creating security policies based on the minimum functionality required for a server's role or roles.
  
  
• Server Security Policy Management
  
  Security policy is the configurable set of rules that the operating system follows when determining the permissions to grant in response to a request for access to resources.
  
  
• User Account Control
  
  User Account Control (UAC) is a security component that allows an administrator to enter credentials during a non-administrator's user session to perform occasional administrative tasks. UAC also can also require administrators to specifically approve administrative actions or applications before they are allowed to run.
  
  
• Windows Authentication
  
  The Windows operating system implements a default set of authentication protocols, including Negotiate, Kerberos, NTLM, Transport Layer Security/Secure Sockets Layer (TLS/SSL), and Digest, as part of an extensible architecture. In addition, some protocols are combined into authentication packages. These protocols and packages enable authentication of users, computers, and services; the authentication process, in turn, enables authorized users and services to access resources in a secure manner.
  
  

Concepts

Other Resources