Windows Client Hardening

TLDR: Too Long Didn’t Read

Windows Client Hardening Tips

Use DNS services that filter know malicious domain names. QUAD9.net is a good provider of this service. To protect an entire organization, Cisco Umbrella has one of the best-paid DNS filtering services available. Cisco Umbrella offers logging and fine-grained controls over more than malicious domains. With Cisco Umbrella an administrator can control access to any type of content category, like social media, 3rd-party web email, and much more.

Disable able Microsoft Office programs from running macros. There has been a new focus on tricking Users into opening documents with malicious code embedded in them. Add registry key that will force macros to be disabled.

Set uncommonly used executable files to open by default in Notepad. This can help prevent unintentionally clicking on and running a file that contains malware.

Bret

I'm an IT Professional with more than a decade in the IT industry. My security skills were built on years of strong systems administration work, and practice.
My motto is, "If you're not pushing forward, your falling behind!"
-----
Certs: EC-Council Certified Ethical Hacker, MS MCSA: Windows Server 2016, CompTIA Net+

Follow me on Mastodon

Author archive Author website

March 13, 2021

Blue Team, OS Hardening, Systems Admin

Leave a Reply Cancel reply

© 2024 Cyber Gladius

Follow Me on my Mastodon - Infosec.Exchange Mastodon IOC.Exchange Mastodon