This book covers Windows Server 2003 and some amount of Windows XP security. It is almost entirely focused on Windows-based security, but has several sections on non-Windows security topics that must be understood. These include physical security, security policy, and risk management.
Now that you know what this book is about, I should explain what this book is not about. This book is not a compendious reference of every possible setting or feature in Windows. It's not intended to be a sit-on-the-shelf book. I've written it so that you can actually use the content to do things. As such, it's direct and brief. I've included links to resources when appropriate so you can access the reference-style material you might need without having to slog through it here.