Windows Security
Hanging out with fellow hackers is part of our job. Most of us white hats dabble in a few curiosities from time to time, and you’re typically surrounded by people technically skilled enough to raise the risks for you a bit. Below is the Windows Security guide that I created to help you harden your Windows 10/11 system without making it so secure that it is unusable.
Disable Remote Access
Attackers can use Microsoft Remote Desktop’s remote access feature to gain control of your device, steal information, and install malware. You’ll want to be able to launch Remote Desktop Connection to log into various things (including the lab here), but you do not wish to host a remote desktop service.
The easiest graphical way to disable Remote Desktop is by using Settings. Start by launching Settings using Windows+i. From the left sidebar, select “System.” On the right pane, scroll down and choose “Remote Desktop.” On the following screen, turn off the “Remote Desktop” toggle. The Windows 11 Home edition doesn’t support remote desktops.
Use Antivirus
Windows’ Virus & threat protection is good enough. It is on by default. Go to Start, type in “Virus & Threat Protection,” then go to “Manage settings.” Make sure that all toggles are in the “on” position. If you do choose to handle malware on your computer, you will want to take note of the “Exclusions” setting and add exclusions for the folders you don’t wish to scan.
Create Strong Passwords
Passwords should be in a password manager, and I don’t care what anyone says; you should invest in a good one like LastPass. Always be careful about who you’re giving your data to and what their financial situation is. You should also purchase two YubiKeys, ensure the password manager’s 2-factor authentication is enabled, and set it up with your primary and backup YubiKey. Buy a YubiKey Nano to stick in your laptop and keep a YubiKey on your keyring. Share your master password with a loved one and make your password vault part of your digital inheritance in case something should happen to you. I know I am bleeding into other subjects, but someone needs access to your digital identities if something were to happen to you. There is a level of cybersecurity so strict that no one can access anything, and that isn’t where you need to draw the line. It’s something you need to consider seriously. You’ll already be maintaining your digital life.
Enable File Backups
Regular file backup can help prevent data loss during malware attacks or hardware failures. Go back to Start, then “Virus & Threat Protection,” scroll down to “Ransomware protection,” click the option to “Set up OneDrive,” and follow the prompt to choose which folders to back up.
Turn on Core Isolation
This feature adds virtualization-based security to protect against malicious code and hackers. It isolates core processes in memory and prevents hackers from taking control of unsecured drivers.
To turn on core isolation in Windows 11, do the following:
- Click the Start button
- Type “Windows Security”
- Select Device security
- Select Core isolation details
Turn on:
- Local Security Authority protection
- Microsoft Vulnerable Driver Blocklist
Turn on BitLocker Drive Encryption
If you have Windows 11 Pro, go ahead and set up BitLocker Drive Encryption. That way, your data is encrypted at rest, and you will be prompted for a password when your computer starts up.
Optional PUA protection
I’ve never turned this on, and it may be an annoyance as we tend to play with many applications, but you do have the ability to turn on “Reputation-based protection,” which will protect you from potentially unwanted applications.
Windows Update Settings
Go to Windows Update Settings and ensure “Get the latest updates as soon as they are available” is OFF. Even with this setting off, you will still receive important security updates automatically to protect your device. Then click on “Advanced Options” and turn on “Receive updates for other Microsoft Products.”
That should do it. Make sure you stay updated with Windows updates and use your password manager. Also, make sure you turn on 2-factor authentication everywhere!
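To confirm that the GUI changes above actually took effect, here is a read-only PowerShell audit, added as an example and not part of the original guide; run it from an elevated prompt. The registry value names and Defender properties it reads are assumptions about a stock Windows 10/11 build.

```powershell
#Requires -RunAsAdministrator
# Added example: read-only audit of the settings this guide toggles in the GUI.
# Registry paths and value names are assumptions about a stock Windows 10/11 build.

$results = [System.Collections.Generic.List[object]]::new()

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value is absent
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}

function Add-Check {
    param([string]$Setting, [bool]$Pass, $Observed)
    $results.Add([pscustomobject]@{ Setting = $Setting; Pass = $Pass; Observed = $Observed })
}

# Disable Remote Access: fDenyTSConnections = 1 means this PC refuses inbound RDP
$rdp = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' 'fDenyTSConnections'
Add-Check 'Remote Desktop host disabled' ($rdp -eq 1) $rdp

# Use Antivirus: the toggles behind "Manage settings"
$mp   = Get-MpComputerStatus -ErrorAction SilentlyContinue
$pref = Get-MpPreference -ErrorAction SilentlyContinue
Add-Check 'Real-time protection' ([bool]$mp.RealTimeProtectionEnabled) $mp.RealTimeProtectionEnabled
Add-Check 'Tamper protection' ([bool]$mp.IsTamperProtected) $mp.IsTamperProtected
# MAPSReporting: 0 = cloud-delivered protection off, 1 or 2 = on
Add-Check 'Cloud-delivered protection' ($pref.MAPSReporting -in 1, 2) $pref.MAPSReporting

# Core isolation: RunAsPPL 1 or 2 = LSA protection on; blocklist value 1 = on
$lsa = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa' 'RunAsPPL'
Add-Check 'Local Security Authority protection' ($lsa -in 1, 2) $lsa
$drv = Get-RegValue 'HKLM:\SYSTEM\CurrentControlSet\Control\CI\Config' 'VulnerableDriverBlocklistEnable'
Add-Check 'Vulnerable Driver Blocklist' ($drv -eq 1) $drv

# BitLocker: the cmdlet may be missing on editions without BitLocker
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    $bl = Get-BitLockerVolume -MountPoint $env:SystemDrive -ErrorAction SilentlyContinue
    Add-Check 'BitLocker on system drive' ($bl.ProtectionStatus -eq 'On') $bl.ProtectionStatus
} else {
    Add-Check 'BitLocker on system drive' $false 'cmdlet not available'
}

# Optional PUA protection: 1 = block, 2 = audit only, 0 or empty = off
Add-Check 'PUA protection (optional)' ($pref.PUAProtection -eq 1) $pref.PUAProtection

$results | Format-Table -AutoSize
```

An empty Observed column means the value was not present, which Windows treats as the feature not being explicitly enabled through that setting.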
Tyler Wall is the founder of Cyber NOW Education. He holds bills for a Master of Science from Purdue University and also CISSP, CCSK, CFSR, CEH, Sec+, Net+, and A+ certifications. He mastered the SOC after having held every position from analyst to architect and is the author of three books, 100+ professional articles, four online courses, and regularly holds webinars for new cybersecurity talent.
Check out my latest book, Jump-start Your SOC Analyst Career: A Roadmap to Cybersecurity Success, winner of the 2024 Cybersecurity Excellence Awards.