I've recently come across the Aussie cyber sec website and this document https://www.cyber.gov.au/acsc/view-all-content/publications/hardening-microsoft-windows-10-version-1909-workstations
Lots of useful info there. I found that the UK are also publishing similar docs. A great initiative by the governments. Posting here in case you have not seen this.
there is a Win 10 CIS Guideline here
https://www.cisecurity.org/benchmark/microsoft_windows_desktop/
jut gotta give up some personal info, and they email you like to download
I got it; it's like 1100 pages
Only 1100 pages on how to harden Windows?
So it's an introductory primer, then...
:smug:
Quote from: deanwebb on August 24, 2020, 12:16:39 PM
Only 1100 pages on how to harden Windows?
So it's an introductory primer, then...
:smug:
No it's a preamble to the primer ;)
Quote from: Dieselboy on August 24, 2020, 08:27:16 PM
Quote from: deanwebb on August 24, 2020, 12:16:39 PM
Only 1100 pages on how to harden Windows?
So it's an introductory primer, then...
:smug:
No it's a preamble to the primer ;)
:yeahright:
+1 to Mr. Diesel Boy!
I have implemented the cyber.gov windows hardening guide. It took 50 separate Group Policy Objects to implement. I will phase in this change. So far, only myself and the finance girl are within this AD OU to get these GPOs applied - no issues.
One thing I like is that windows is using native virtualisation to imlement security with these GPOs. It seems to use a VM (secure desktop) to run the windows login window. Blocking usb storage will cause some huffs and puffs though.