Securing IIS7 – Windows Server 2008 Security Guide

Windows Server 2008 Security Guide is out.

It covers many crucial aspects but my favorite of course is IIS7 chapter:

Chapter 6: Hardening Web Services

This chapter provides prescriptive guidance for hardening the Web Server role. The chapter discusses how the Web server role installs Microsoft® Internet Information Services (IIS) 7.0, which has been redesigned into forty modular components that you can choose to install as needed.

It points to the following resources: