Wishlist for OS Registry Changes
William MacFee
o Configure memory dump and recovery options
o Enhance security logging in Windows event viewer
o Configure web browser developer tools access
o Configure Windows registry backup
o Disable guest account
o CVE-2013-2900 WinVerifyTrust Signature Validation
o CVE-2023-36563 MS WordPad Vulnerability
o CVE-2023-36884: Windows Search Remote Code Execution Vulnerability
o Local administrators account, i.e. account name administrator, is disabled to prevent account hijacking.
o Password policies for local accounts are set, including minimum password length, maximum password age, and meeting complexity requirements.
o Password protected screen savers are set for after a specific time frame.
o User access control is enforced for prompting whenever something attempts to install or make changes.
o Universal plug-and-play (“UPnP”) is disabled to protect against other devices on the network communicating through UPnP.
o Autoplay is disabled on removable media drives and/or may be disabled on all drives at Client request. This prevents malicious programs launching from removable media.
o Local LAN Manager hash storage is disabled.
o All incoming NTLM traffic is audited.
o NetBIOS is disabled.
o IPv6 is disabled.
o Internet Group Management Protocol (IGMP) is disabled.
o Other than the remote desktop services provided by SSC, all other remote desktop services (e.g. Microsoft’s Remote Desktop Protocol (RDP)) are disabled to increase Client’s security and prevent unauthorized remote access to your system.
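
A read-only way to check several of the items listed above against the registry, as an added example that is not part of the original post. The value names and expected data are assumptions taken from Microsoft's documented policy settings, and the function name Test-RegistryBaseline is hypothetical.

```powershell
# Added example: read-only audit of registry values behind five wishlist items.
# Paths, value names and expected data are this example's assumptions, not the post's.
$lsa = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$pol = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies'

$checks = @(
    [pscustomobject]@{ Item = 'UAC enforced'
        Path = "$pol\System"; Name = 'EnableLUA'; Expected = 1 }
    [pscustomobject]@{ Item = 'Autoplay disabled on all drives'
        Path = "$pol\Explorer"; Name = 'NoDriveTypeAutoRun'; Expected = 255 }
    [pscustomobject]@{ Item = 'LM hash storage disabled'
        Path = $lsa; Name = 'NoLMHash'; Expected = 1 }
    [pscustomobject]@{ Item = 'Incoming NTLM traffic audited'
        Path = "$lsa\MSV1_0"; Name = 'AuditReceivingNTLMTraffic'; Expected = 2 }
    [pscustomobject]@{ Item = 'IPv6 disabled'
        Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters'
        Name = 'DisabledComponents'; Expected = 255 }
)

function Test-RegistryBaseline {
    param([Parameter(Mandatory)] [object[]] $Checks)

    foreach ($c in $Checks) {
        $actual = $null
        $state  = 'NotSet'   # key or value absent: the OS default applies
        try {
            $actual = Get-ItemPropertyValue -Path $c.Path -Name $c.Name -ErrorAction Stop
            $state  = if ($actual -eq $c.Expected) { 'Compliant' } else { 'NonCompliant' }
        } catch {
            # A missing key or value is reported as NotSet rather than as a failure,
            # so it can be reviewed separately from an explicit wrong value.
        }
        [pscustomobject]@{
            Item     = $c.Item
            Name     = $c.Name
            Expected = $c.Expected
            Actual   = $actual
            State    = $state
        }
    }
}

# Nothing is written to the registry; the output is one row per check.
Test-RegistryBaseline -Checks $checks | Format-Table -AutoSize
```

Rows reported as NotSet need a manual look, since a setting delivered through Group Policy or left at its OS default may still meet the item.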