Windows Client Hardening
Jump to navigation
Jump to search
Software
- EMET
- Firefox
Settings
- Don't use UAC, instead use 2 accounts: 1 admin account, 1 day to day work account
- enable bitlocker
- enable applocker
GPO settings
| Setting | Configure | Location |
|---|---|---|
| Don't connect to a wifi without logging on | Do not display network selection UI | gpedit Computer Configuration\Administrative Templates\system\logon |
| Example | Disable USB | Example |
| Example | Disable NTLM | Example |
| Example | Enable NLA for RDP | Example |
| Example | remap utilman on lockscreen | Example |
| Example | Example | Example |
| Example | Example | Example |
| Example | Example | Example |
| Example | Example | Example |
security