Server hardening refers to the process of improving the security configuration of a server. A Windows server is a soft target for attackers if:
Operating system files are installed from a non-trusted source
System is not current with patches and security updates
Administrator accounts have weak passwords
File systems don’t use NTFS and are unencrypted
Of course, the previous list is incomplete and is meant only to get you thinking on the right track. In this chapter we’ll examine a number of techniques intended to raise the security posture of your Windows Server 2016 infrastructure computers.