Contains the following:
- Services configuration, disabling unnecessary network facing services to minimize attack surface.
- Firewall Default Deny rules for importing that closes attackers' most used entry points
- Access control list, partition daily use Standard account from admin command-line commands. (Home edition specific) Layered protectionn in event of compromise.
- Firefox browser hardened settings file
- Chrome browser hardened settings file
- Password age and length requirement settings: 14 characters and good for 90 days
- Account lockout duration: 15 minutes
- System, Application and Security Event bigger than default Log size: 1000000 kb
- Have Event Viewer show success and failure events for Account Logons, Account Management, Policy Change and System events.
- Prevent users from installing printer drivers; device drivers are much more powerful than ordinary programs
- Require pressing CTRL-ALT-DEL to logon; credentials cannot be recorded
- Do not display last logon user name.
- Do not allow remote users to list out account names:
- Use the more secure NTLMv2 protocol (latest) instead of older protocols.
- UAC to deny Standard user accounts the possibility to elevate, providing no admin access
- Complete set of Event Viewer 'custom view' import xml files, allows for detection of system intrusion.
- How to set up a Honey Folder for intrusion detection.
- Complete set of Configurations for Windows Defender's Anti Exploit settings.
- Ability to quickly set hardening configuration upon re-installation of OS.
- Restore services and ACL scripts to set Windows to out-of-box settings for troubleshooting
See full details
Note: fulfillment is done manually, a email is generated from PayPal and the Configuration Pack is emailed to you as an attachment.