Call 1 (201) 549-9007 (US) | +91 - 836-854-5467 (WhatsApp) Email: [email protected]

Windows Security – End Point Security – Part 2


Hello Everyone, This is the Second Part of the Blog in our Windows Endpoint Security. In this Part, we are going to discuss Microsoft Security Baseline Configurations.

Security Administrators use toolkits such as Microsoft Security Compliance Toolkit to compare endpoint configurations with Microsoft’s recommended Security Guidelines in managing Enterprise Group Policy Objects.

Here we will discuss Microsoft's recommended tool Microsoft Security Compliance Toolkit (MSCT).

It will help us in managing, analyzing, testing, and editing the security configuration baseline.

Before You Proceed with MSCT toolkit. Get to know what version of Operating System is in use.

Goto Start –> Settings –> Update & Security –> Os Build Info (RightPane).

Windows Security – End Point Security
Windows Security – End Point Security

Search for the Security Baseline Configuration on the Internet

Windows Security – End Point Security

Microsoft’s tech community Uploads all the Security baseline for Windows Operating systems.

Windows Security – End Point Security

Click on the Microsoft Security Compliance Toolkit link in the tech community window

Download the Microsoft Security Compliance tool kit from the Official Microsoft.com along with your security baseline configurations.

Windows Security – End Point Security
Windows Security – End Point Security

It will Download a bunch of Files along with a Policy Analyzer in it.

Windows Security – End Point Security

In the security baseline configuration, you will be having documentation that contains all the necessary things to get secured, Devices, Users, Browsers everything.

Windows Security – End Point Security

Next, we will open Policy Analyzer to secure our Operating system by comparing it with another Security baseline configuration.

Open the Policy analyzer from the Downloaded Packages inside MSCT and open it.

Windows Security – End Point Security

Click on Add

Windows Security – End Point Security

Go to File –> Add files from GPOs

You can find all the Group Policy Objects (GPOs) for your Operating System in the package you downloaded.

Windows Security – End Point Security

Select the GPOs folder and click on Select Folder

Click on Import to import the file into the Policy Editor

Windows Security – End Point Security

Click on Import

Save the Policy Rules in a certain name

Windows Security – End Point Security

Click on compare to effective state. To compare the GPOs with the Local Policy you have.

Windows Security – End Point Security

This is how you will the Comparison between the Baseline Security Configuration and what you have. The effective state column will suggest an effective configuration.

Windows Security – End Point Security

In the above picture, we can see, that I have to make a small configuration on Enabling ICMP Redirect.

The Lower Section shows a Description of the configuration and Baseline Information Where it is enabled or disabled and everything.

Then according to the suggestion, we can easily manage our security configuration in our Windows Endpoints.

It is an Essential Step for all the Network Defenders.

If you want to Learn it in Detail Stick with our Series of Blogs on Endpoint Security or you can go with Our CND Certification which will enlighten You on all defensive strategies.

Windows End Point Security – Part 3

Comments

Leave a Reply

Your email address will not be published.

Open chat
Hello 👋
Can we help you?
  • Contact Us

    Contact Us