Bret Staton

Cybersecurity Expert

Incident Responcer

Penitration Tester

Linux & Windows Systems Engineer

Freelance Writer

Bret Staton

Cybersecurity Expert

Incident Responcer

Penitration Tester

Linux & Windows Systems Engineer

Freelance Writer

Blog Post

Windows Client Hardening

March 13, 2021 Blue Team

TLDR: Too Long Didn’t Read

Windows Client Hardening Tips

  • Use DNS services that filter know malicious domain names. QUAD9.net is a good provider of this service. To protect an entire organization, Cisco Umbrella has one of the best-paid DNS filtering services available. Cisco Umbrella offers logging and fine-grained controls over more than malicious domains. With Cisco Umbrella an administrator can control access to any type of content category, like social media, 3rd-party web email, and much more.
  • Disable able Microsoft Office programs from running macros. There has been a new focus on tricking Users into opening documents with malicious code embedded in them. Add registry key that will force macros to be disabled.
  • Set uncommonly used executable files to open by default in Notepad. This can help prevent unintentionally clicking on and running a file that contains malware.

Taggs:
Write a comment