Contains the following:
· Services configuration, disabling unnecessary network facing services to minimize attack surface.
· Deny network logon to certain accounts: Everyone
· Access control list, partition Standard users from admin command-line commands.
· Password age and length requirement settings: 14 characters and good for 60 days
· Account lockout condition : upon trying 50 bad passwords
· Account lockout duration: 15 minutes
· System, Application and Security Event Log size: 1000000 kb
· Have Event Viewer show success and failure events for Account Logons, Account Management, Policy Change and System events.
· Prevent users from installing printer drivers.
· Require pressing CTRL-ALT-DEL to logon.
· Do not display last logon user name.
· Do not allow remote users to list out account names:
· Use Kerberos instead of NTLM protocol
· Require digital signatures for network communications
· UAC will deny Standard user accounts the right to elevate. (instead of prompting for admin password)
· Event Viewer 'custom view' import xml files, allows for detection of system intrusion.
USD $9.04 (including tax)