Contains the following:
- Services configuration for Domain Joined systems, disabling unnecessary network facing services to minimize attack surface. (Domain Join specific)
- Firewall Default Deny rules for importing that closes attackers' most used entry points
- Access control list, partition daily use Standard account from admin command-line commands. (Pro edition specific) Layered protectionn in event of compromise.
- Firefox browser hardened settings file
- Chrome browser hardened settings file
- Hardening Guide for Windows 10 Pro 64 bit with:
- Instructions for using Local Security Policy - Software Restriction Policy (works only on Pro)
- Instructions for using BitLocker (works only on Pro)
- Password age and length requirement settings: 14 characters and good for 90 days
- Account lockout duration: 15 minutes
- Deny network logon to all accounts, layered protection that stops attacks even if attacker gained local foothold
- System, Application and Security Event bigger than default Log size: 1000000 kb
- Prevent users from installing printer drivers; device drivers are much more powerful than ordinary programs
- Have Event Viewer show success and failure events for Account Logons, Account Management, Policy Change and System events.
- Do not display last logon user name.
- Do not allow remote queries to list out account names, which gives half the access answer
- Use the more secure NTLMv2 protocol (latest) instead of older protocols.
- UAC to deny Standard user accounts the possibility to elevate, providing no admin access
- Complete set of Event Viewer 'custom view' import xml files, allows for detection of system intrusion.
- How to set up a Honey Folder for intrusion detection.
- Complete set of Configurations for Windows Defender's Anti Exploit settings.
- Ability to quickly set hardening configuration upon re-installation of OS.
- Restore services and ACL scripts to set Windows to out-of-box settings for troubleshooting
See full details
$20.00 (10 machines)(including