Windows Security – End Point Security – Part 2
This is the second part of our blog series on Windows Endpoint Security. In this part, we discuss Microsoft security baseline configurations.
Security administrators use toolkits such as the Microsoft Security Compliance Toolkit to compare endpoint configurations with Microsoft's recommended security guidelines when managing enterprise Group Policy Objects.
Here we will discuss Microsoft's recommended tool, the Microsoft Security Compliance Toolkit (MSCT).
It helps us manage, analyze, test, and edit the security configuration baseline.
Before you proceed with the MSCT toolkit, find out which version of the operating system is in use.
Go to Start –> Settings –> Update & Security –> OS Build Info (right pane).
Search the Internet for the security baseline configuration.
Microsoft's Tech Community uploads all the security baselines for Windows operating systems.
Click on the Microsoft Security Compliance Toolkit link in the Tech Community window.
Download the Microsoft Security Compliance Toolkit from the official Microsoft.com site along with your security baseline configurations.
It will download a bunch of files, including Policy Analyzer.
The security baseline configuration comes with documentation that covers everything needed to secure devices, users, browsers and so on.
Next, we will use Policy Analyzer to secure our operating system by comparing it with the security baseline configuration.
Open Policy Analyzer from the downloaded MSCT packages.
Click on Add
Go to File –> Add files from GPOs
You can find all the Group Policy Objects (GPOs) for your operating system in the package you downloaded.
Select the GPOs folder and click on Select Folder.
Click on Import to import the file into the Policy Editor
Click on Import
Save the policy rules under a name of your choice.
Click on Compare to Effective State to compare the GPOs with the local policy you have.
This is how you will see the comparison between the baseline security configuration and what you have. The Effective state column shows the state in effect on your machine, which suggests where the configuration needs to change.
In the above picture, we can see that I have to make a small configuration on Enabling ICMP Redirect.
The lower section shows a description of the configuration and the baseline information, such as where it is enabled or disabled.
Then, following the suggestion, we can easily manage the security configuration on our Windows endpoints.
It is an essential step for all network defenders.
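To show what the baseline-versus-effective-state comparison involves, here is an added example (not from the original post and not Microsoft's code) that parses the registry-based settings stored in a GPO backup's registry.pol file and lists the values that differ from a machine's state. The sample bytes, the effective values and the `SOFTWARE\Policies\Example` key are constructed for illustration; on a real endpoint the effective values would be read from the registry, and the expected values come from the baseline package you downloaded.

```python
import struct

REG_SZ, REG_DWORD = 1, 4
W = lambda s: s.encode("utf-16-le")  # Registry.pol text is UTF-16LE

def read_wstr(blob, pos):
    """Read a NUL-terminated UTF-16LE string; return it and the offset past NUL and ';'."""
    for end in range(pos, len(blob) - 1, 2):
        if blob[end:end + 2] == b"\x00\x00":
            return blob[pos:end].decode("utf-16-le"), end + 4
    raise ValueError("unterminated string")

def parse_registry_pol(blob):
    """Parse Registry.pol bytes into {(key, value_name): data}."""
    if blob[:8] != b"PReg" + struct.pack("<I", 1):
        raise ValueError("not a version 1 Registry.pol file")
    settings, pos = {}, 8
    while pos < len(blob):  # each entry: [key;value;type;size;data]
        if blob[pos:pos + 2] != W("["):
            raise ValueError(f"expected '[' at offset {pos}")
        key, pos = read_wstr(blob, pos + 2)
        name, pos = read_wstr(blob, pos)
        reg_type, _, size = struct.unpack_from("<IHI", blob, pos)  # type ; size
        data = blob[pos + 12:pos + 12 + size]
        pos += 12 + size + 2  # skip the data and the closing ']'
        if reg_type == REG_DWORD:
            data = struct.unpack("<I", data)[0]
        elif reg_type == REG_SZ:
            data = data.decode("utf-16-le").rstrip("\0")
        settings[(key, name)] = data  # other types stay as raw bytes
    return settings

def compare_to_effective(baseline, effective):
    """Rows (key, name, baseline, effective) where the machine differs; None means not set."""
    norm = lambda k: (k[0].lower(), k[1].lower())  # registry names are case-insensitive
    eff = {norm(k): v for k, v in effective.items()}
    return [(*k, want, eff.get(norm(k))) for k, want in sorted(baseline.items())
            if eff.get(norm(k)) != want]

def make_entry(key, name, reg_type, data):
    return (W("[" + key + "\0;" + name + "\0;") + struct.pack("<I", reg_type) + W(";")
            + struct.pack("<I", len(data)) + W(";") + data + W("]"))

# Constructed sample data, not taken from a real baseline package or machine.
TCPIP = r"SYSTEM\CurrentControlSet\Services\Tcpip\Parameters"
EXAMPLE = r"SOFTWARE\Policies\Example"  # placeholder key
SAMPLE_POL = (b"PReg" + struct.pack("<I", 1)
              + make_entry(TCPIP, "EnableICMPRedirect", REG_DWORD, struct.pack("<I", 0))
              + make_entry(EXAMPLE, "ExampleSetting", REG_SZ, W("on\0")))
SAMPLE_EFFECTIVE = {(TCPIP.lower(), "enableicmpredirect"): 1, (EXAMPLE, "ExampleSetting"): "on"}
```

Calling `compare_to_effective(parse_registry_pol(SAMPLE_POL), SAMPLE_EFFECTIVE)` returns only the ICMP redirect row, since the placeholder setting already matches.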
If you want to learn it in detail, stick with our series of blogs on Endpoint Security, or go with our CND certification, which will enlighten you in all defensive strategies.