Infotech
Windows 11has many different features pertaining to functionality and security.
Insider attacks are harder to identify and when they are, it is probably too late.
Therefore, you should probably harden your Windows computer.
Here, we share the best-recommended tips and techniques that will make your system impenetrable.
The Windows 11 Security Baseline has been released as a component ofMicrosoft Security Compliance Toolkit 1.0.
Since it is only 1.2 MB, it should be downloaded instantly.
Extract the content of the zip file to a folder.
Now navigate to the extracted folder usingFile Explorerand open theScriptssub-folder.
Here you will find 3 PowerShell ISE files.
Right-click Baseline-LocalInstall and then clickRun with PowerShellfrom the context menu.Run with PowerShell
The script will now run automatically.
Wait for the PowerShell window to close on its own.
The recommended security configs from Microsoft will already be implemented when the Security Baseline will be installed.
You will now be asked to log into your account using this password.
Password managers are software that store your credentials which you might access in case you forget any.
Of course, these managers also need a password for you to sign on.
This can be dangerous as anyone who uses your box will be automatically logged into your account.
Thankfully, this feature can be disabled.
However, in Windows 11, this option is missing by default.
It can be enabled by making manual edits to the Windows Registry.
Therefore, we insist that you create asystem restore pointbefore proceeding forward with the process.
Disabling it would mean that all sorts of packets can come and go without being detected.
Although this is enabled by default, you must ensure that it is not disabled.
Here are the steps to enable Windows Firewall:
Open Windows Firewall by typing infirewall.cplin the Run Command box.
This also opens internet ports on your gear, making it vulnerable to attacks.
Therefore, we suggest that you disable it.
Here is how:
Toggle the slider in front ofRemote Desktopinto theOffposition.
Keep Windows Updated
Another important factor people often overlook is keeping their Windows OS up to date.
This means that you must plant the Windows updates as they are published.
If your system does not have the right updates installed, it will be prone to attacks.
Although Windows 11 installs Windows updates automatically, it may be possible that you havepaused/disabled them.
It encrypts the data on your hard drive/partition and can only be accessed with a security key.
Each partition needs to be encrypted separately.
Open File Explorer and right-tap on the partition to encrypt.
From the context menu, clickTurn on BitLocker.
The BitLocker wizard will now launch.
Finally, clickStart Encryption.Begin encryption
You will now see the drive encrypting.
When it completes, wrap up the window.
Manage App Permissions
Various native and third-party applications need access to different components and permissions to function.
However, some apps ask for permissions they dont need, or you dont want to share.
It is like an added step that asks you Are you sure you want to continue?
The default setting for UAC in Windows 11 is medium.
But to harden your OS, you must increase this to the maximum.
Here is how:
Here, clickChange User Account Control settingson the left of the window.
Blocking these drivers will ensure that your system is not compromised by weak drivers.
Therefore, better to close any listening web link ports that your system isnt using.
Before you begin, you must first find out which ports are open.
To do so, run with this:
Open Command Prompt with elevated privileges.
This way your listening ports will be blocked and attackers wont be able to exploit them.
Frequently Asked Questions (FAQs)
How to reduce the attack surface on Windows?
The Attack surface can be reduced in several ways.
it’s possible for you to disable any listening ports that are not being used and enable your firewall.
How to make Windows 11 secure?
Talk to us straight and get your questions answered right away
source: www.itechtics.com
