{"id":187,"date":"2023-05-22T10:32:39","date_gmt":"2023-05-22T08:32:39","guid":{"rendered":"https:\/\/www.activeparc.fr\/?p=187"},"modified":"2023-05-22T10:47:38","modified_gmt":"2023-05-22T08:47:38","slug":"guide-to-hardening-windows-10","status":"publish","type":"post","link":"https:\/\/www.activeparc.fr\/index.php\/2023\/05\/22\/guide-to-hardening-windows-10\/","title":{"rendered":"Guide to Hardening Windows 10"},"content":{"rendered":"\n<p>For Administrators, Developers and Office Workers<\/p>\n\n\n\n<p class=\"has-vivid-cyan-blue-color has-text-color has-medium-font-size\"><strong>Prerequisites<\/strong>:<\/p>\n\n\n\n<ul style=\"font-size:16px\">\n<li style=\"font-size:16px\">Computer running Windows 10 Enterprise\/Education, version 20H1 \/ 20H2 (most of these settings will apply to older versions of Windows 10 or lower SKUs, but compatibility is not guaranteed).<\/li>\n\n\n\n<li style=\"font-size:16px\">TPM module.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-vivid-cyan-blue-color has-text-color has-medium-font-size\"><strong>User roles<\/strong><\/p>\n\n\n\n<p>Not all policies are suitable for all types of users. For this reason, we analyze the suitability of each policy for two types of users, depending on their role:<\/p>\n\n\n\n<ul style=\"font-size:16px\">\n<li style=\"font-size:16px\">Administrator\/Developer \u2013 Uses an administrator account, launches a lot of software, and connects different accessories and hardware.<\/li>\n\n\n\n<li style=\"font-size:16px\">Office Worker \u2013 Uses a standard account and a limited set of software. Office Workers do not change hardware and accessories without the assistance of the IT department.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-vivid-cyan-blue-color has-text-color has-medium-font-size\"><strong>1. EFI (BIOS) Configuration<\/strong><\/p>\n\n\n\n<ul style=\"font-size:16px\">\n<li style=\"font-size:16px\">Many modern Windows 10 features rely on hardware and firmware support, so the system\u2019s EFI must be configured properly.<\/li>\n\n\n\n<li style=\"font-size:16px\">Due to major differences between EFI configuration interfaces of various manufacturers, we cannot provide exact steps. 
Some of the options listed below will have a different name or will be missing entirely on some systems.<\/li>\n<\/ul>\n\n\n\n<p class=\"has-luminous-vivid-orange-color has-text-color has-medium-font-size\">To be enabled:<\/p>\n\n\n\n<ul>\n<li style=\"font-size:16px\">Secure boot<\/li>\n\n\n\n<li style=\"font-size:16px\">Intel Boot Guard<\/li>\n\n\n\n<li style=\"font-size:16px\">Intel VT-x \\ Intel VT-d \\ AMD-V \\ IOMMU \\ virtualization support<\/li>\n\n\n\n<li style=\"font-size:16px\">Execute Disable Bit<\/li>\n\n\n\n<li style=\"font-size:16px\">BIOS administrator password<\/li>\n\n\n\n<li style=\"font-size:16px\">TPM module (on systems with both a hardware and a firmware option, hardware is preferred)<\/li>\n\n\n\n<li style=\"font-size:16px\">Device Guard<\/li>\n\n\n\n<li style=\"font-size:16px\">DMA Protection<\/li>\n<\/ul>\n\n\n\n<p><\/p>\n\n\n\n<p class=\"has-luminous-vivid-orange-color has-text-color has-medium-font-size\">To be disabled:<\/p>\n\n\n\n<ul>\n<li style=\"font-size:16px\">Compatibility Support Module (CSM)<\/li>\n<\/ul>\n\n\n\n<p class=\"has-vivid-cyan-blue-color has-text-color\"><strong>2. 
Windows Defender Firewall<\/strong><\/p>\n\n\n\n<p class=\"has-luminous-vivid-orange-color has-text-color\">Enable logging of dropped packets<\/p>\n\n\n\n<p><strong>Policy path:<\/strong> Computer Configuration\\Windows Settings\\Security Settings\\Windows Defender Firewall with Advanced Security\\Windows Defender Firewall with Advanced Security.<\/p>\n\n\n\n<p>Right-click on Windows Defender Firewall with Advanced Security and select Properties. Under Logging, select Customize and enable Log dropped packets.<\/p>\n\n\n<div class=\"wp-block-image is-style-default\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/www.activeparc.fr\/wp-content\/uploads\/2023\/05\/image.png\" alt=\"\" class=\"wp-image-194\" width=\"300\" height=\"300\"\/><\/figure><\/div>","protected":false},"excerpt":{"rendered":"<p>For Administrators, Developers and Office Workers Prerequisites: 1. EFI (BIOS) Configuration To be enabled: To be disabled: 2. Windows Defender Firewall Enable logging of dropped packets Policy path: Computer Configuration\\Windows Settings\\Security Settings\\Windows Defender Firewall with Advanced Security\\Windows Defender Firewall with Advanced Security. 
Right-click on Windows Defender Firewall with Advanced Security and select Properties. Under Logging, select Customize and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/posts\/187"}],"collection":[{"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/comments?post=187"}],"version-history":[{"count":8,"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/posts\/187\/revisions"}],"predecessor-version":[{"id":189,"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/posts\/187\/revisions\/189"}],"wp:attachment":[{"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/media?parent=187"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/categories?post=187"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.activeparc.fr\/index.php\/wp-json\/wp\/v2\/tags?post=187"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}