Skip to main content

8. What are the methods for hardening a Windows system?

  1. Change default RDP port (3389)
  2. Disallow anonymous enumeration of SAM accounts and shares
  3. Block registry editing tools via Group Policy
  4. Enable auditing: object access, directory service, system events
  5. Block port 445 vulnerability
  6. Set password‑protected screensaver
  7. Enforce password complexity: minimum 8 chars, max age 30 days
  8. Enable firewall, disable ICMP echo but allow necessary services
  9. Disable default administrative shares