This document provides guidelines for hardening Windows systems, including setting strong passwords, disabling unused accounts, enabling account lockout policies, installing antivirus software and Windows updates, configuring the Windows firewall, and running tools like the Microsoft Baseline Security Analyzer and Spiceworks to verify security configurations. It recommends user management best practices like using complex passwords and screen locks, as well as system management steps like removing unnecessary file shares, enabling Windows Defender, and ensuring all computers are in the same workgroup or domain.
PO Box 27150 - 00100 Nairobi Kenya Tel: +254 20 2089061/ 2211960 Fax: +254 20 2211960 www.icta.go.ke
WINDOWS HARDENING GUIDE
User Management
1. Use a Strong Password/Passphrase on all Accounts
2. Disable the Guest Account including unused accounts.
3. Set Account Lockout Policy
4. Add a Standard user account
   a. Control Panel > User Accounts > Manage Accounts > Create New Account
5. Disable or delete unused users.
6. Set minimum password length.
7. Enable password complexity requirements.
8. Configure account lockout policy. Start > secpol.msc
9. Lock workstation after 10 minutes of inactivity. Control Panel > Appearance and Personalization > Change Screen Saver

System Management
1. Remove All Unnecessary File Shares
2. Install Antivirus Software and Updates
3. Install Windows Defender
   a. Use Windows Defender to help prevent spyware and other potentially unwanted software from being installed on your computer without your knowledge.
4. Use Action Center
   a. Use Action Center to make sure your firewall is on, your antivirus software is up to date, and your computer is set to install updates automatically.
5. Turn Windows Firewall On
   a. Control Panel > System and Security > Windows Firewall
6. Windows Update: Set Windows Update to download and install the latest updates for your computer automatically
   a. Control Panel > System and Security > Windows Update > Turn automatic updating on or off
7. All computers should be in the same workgroup or domain
Service Packs and Hot Fixes
1. Install the latest service packs and hotfixes from Microsoft.
2. Enable automatic notification of patch availability.

Optimization
1. Disk defragmentation. Start > Disk Defragmenter > Analyze Disk > Defragment Disk
2. Limit how many programs run at startup. Start > msconfig

Verification
1. Install and run Microsoft Baseline Security Analyzer
2. Install and run Spiceworks from remote computer.
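A scripted spot-check of several items above can complement the verification tools. The following PowerShell is an added example, not part of the original guide: it assumes Windows 10 / Server 2016 or later with PowerShell 5.1, and the password-length and lockout thresholds are assumed values because the guide does not state any.

```powershell
# Added example: read-only audit of several checklist items. Run elevated
# (secedit needs administrator rights) on PowerShell 5.1 or later.
$MinLength       = 12    # assumed threshold, not from the guide
$MaxLockoutCount = 10    # assumed threshold, not from the guide
$MaxIdleSeconds  = 600   # the guide's 10 minutes of inactivity

function Get-SecurityPolicy {
    # Export the local policy that secpol.msc edits and parse its "key = value" lines.
    $cfg = Join-Path $env:TEMP ("secpol-{0}.inf" -f [guid]::NewGuid())
    try {
        secedit /export /cfg $cfg /areas SECURITYPOLICY /quiet | Out-Null
        $policy = @{}
        foreach ($line in Get-Content $cfg) {
            if ($line -match '^\s*(\w+)\s*=\s*(.+?)\s*$') { $policy[$Matches[1]] = $Matches[2] }
        }
        $policy
    } finally { Remove-Item $cfg -ErrorAction SilentlyContinue }
}

function New-Result($Check, $Pass, $Detail) {
    [pscustomobject]@{ Check = $Check; Pass = [bool]$Pass; Detail = "$Detail" }
}

$p       = Get-SecurityPolicy
$minLen  = [int]$p['MinimumPasswordLength']
$complex = [int]$p['PasswordComplexity']      # 1 = complexity required
$lockout = [int]$p['LockoutBadCount']         # 0 = accounts never lock out

# The built-in Guest account always has RID 501, whatever its (localized) name.
$guest = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-501' }

# Screen-saver lock for the current user; Group Policy can override these values.
$ss     = Get-ItemProperty 'HKCU:\Control Panel\Desktop'
$idle   = [int]$ss.ScreenSaveTimeOut
$lockOk = $ss.ScreenSaveActive -eq '1' -and $ss.ScreenSaverIsSecure -eq '1' -and
          $idle -gt 0 -and $idle -le $MaxIdleSeconds

$fwOff  = @(Get-NetFirewallProfile | Where-Object { "$($_.Enabled)" -ne 'True' })
$shares = @(Get-SmbShare | Where-Object { -not $_.Special })   # skips C$, ADMIN$, IPC$

@(
    New-Result 'Guest account disabled'       ($guest -and -not $guest.Enabled) $guest.Name
    New-Result 'Minimum password length'      ($minLen -ge $MinLength) $minLen
    New-Result 'Password complexity enabled'  ($complex -eq 1) $complex
    New-Result 'Account lockout configured'   ($lockout -gt 0 -and $lockout -le $MaxLockoutCount) $lockout
    New-Result 'Screen locks within 10 min'   $lockOk "$idle s"
    New-Result 'Firewall on for all profiles' ($fwOff.Count -eq 0) ($fwOff.Name -join ', ')
    New-Result 'No non-default file shares'   ($shares.Count -eq 0) ($shares.Name -join ', ')
) | Format-Table -AutoSize
```

A failed share check is a prompt for review, not proof of a problem: whether a listed share is unnecessary is a judgement the script cannot make.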
serverHardeningGuide.doc
The ICT Authority is a State Corporation under the Kenya State Corporations Act 446