although not well known, microsoft windows has the best security of any popular operating system in the world today. what windows has is poor default security. there are specific steps any professional can take to significantly increase the security of microsoft windows. unfortunately, most books and the news media keep reinforcing the failed, traditional recommendations of firewalls, antivirus scanners, and end user education. those defenses have failed and will always fail. the reason why the traditional advice fails is that most defenses and courses concentrate on defending pcsagainst the motivated hacker, when 99% of the attacks (and 100% of the popular attacks) are caused by malicious viruses, worms, and trojans. defending against these mobile threats calls for specific tasks that when implemented, defeat most threats, no matter the brand of firewall or virus scanner youve purchased. better, yet, most of the good defenses are free, included with windows (just not implemented correctly). based on this premise, the book is organized as: part i-the first chapter will educate readers about the real threat to their computer systems-roving malware not dedicated human attackers. this lesson is central to the books method of defense part ii-the second part of the book (chapters 3 and 4) will discuss using ntfs permissions to make the ultimate defense part iii-windows operating system hardening part iv-application security part v-automating security-this is perhaps the second most valuable part of the book, discussed no where else in the world (other than private microsoft security teams who i taught my methods to)