CYBERSECURITY PROCESSES & TECHNOLOGIES LAB #2: MANAGING HOST BASED SECURITY
Five ways to Securing and Hardening your Windows 10 system
1. Femi Baiyekusi Defensive Cybersecurity (2016) WalshCollege
Five ways to Securing and Hardening your Windows 10 system
1. Least Privilege and Reducing Attack surface: this implies configuring the system to enable
the capability of doing only the things you normally do. This infers that whenever a feature is not
in use, it is best advised to be disabled. The steps in least privilege that makes it efficient include
creating a standard user account and using the same account for daily activities. Secondly, only
the administrative accounts should be used in installing programs, configuring networking or
system maintenance tasks. This is because malware and hackers that eventually make it into the
system will inherit your privilege, whenever you are working on a standard account. Furthermore
a Standard account can serve two purposes, which are serving as a barrier to other accounts a d
also a container used for attacks.
2. Display all control Panel settings: Control Panels serve a s counter measures in hardening
the system. It is also used in the application management stage in removing an application, or
when a component makes an installation request for an application to handle a file name
extension. In addition, it is also used in blocking level backup engine services using the backup
and restore center in the control panel.
3. Turn UAC to the max: It is normally advised to open the User Account Control panel and
change the UAC to maximum protection because a lot of Windows software demands
Administrative privileges. The UAC provides a warning when a software is trying to elevate its
privileges. Lastly, the heuristic features in the UAC detects applications that will normally look
like installers and traps system utilities like registry editor.
4. Setup Firewall Profile: When setting up firewall profile, it is important to know that the
public setting is the most secure and therefore, meant to be used at places like the café hotspots
and airports. Most of the time, a PCs, network might be insecure, in this case, it is advisable to
use a public network profile. PowerShell is a great tool used in changing the network profiles.
5. Use only Bare Essential Network Protocol: In preventing hackers from hacking the network
remotely, the only protocol one really need is the IPv4. In fact, most networking equipment need
IPv4 for functional purposes. This configuration is made specifically with using IPv4 addresses
because the tunnel components that tunnels IPv6 has been tunneled inside IPv4 to the outside.
References:
Bright, P. (n.d.). Windows 7 UAC flaws and how to fix them. Retrieved February 28, 2016, from
http://arstechnica.com/business/2009/02/the-curious-tale-of-windows-7s-uac/
W. (n.d.). Harden Windows 10 Home for Security Guide. Retrieved February 28, 2016, from
http://hardenwindows10forsecurity.com/Harden Windows 10 Home.html
Harden Windows 8.1 for Security Guide. (n.d.). Retrieved February 28, 2016, from
http://hardenwindows8forsecurity.com/Harden Windows 8.1 64bit Home.html