Hello. My name is Dustin, and welcome to Windows Security. We're going to go over a ton of built in Windows features you should know about in order to keep your Windows machines safe,
including the M B S A or Mike Soft Baseline Security analyzer,
the Window security infrastructure,
Windows Network Service is and the Windows firewall. And last but certainly not least, Microsoft defender.
So, as I mentioned, Microsoft has many built in tools that you may or may not be familiar with in order to harden your operating system. Security.
The NBS A or Microsoft Baseline Security analyzer,
was used to verify patch compliance and areas where W. Suss or the Windows Server Update Service's or S C. C. M. The system centered configuration manager couldn't or just wasn't in use.
It also performed many other security checks for Windows I s and the sequel server. But the's projects have not been actively maintained since Windows X, P and Server 2003
NBS A is still useful many environments. So as version 2.3 did introduce support from our I'm sorry four, Server 2012 and Windows 8.1,
because it is no longer being developed and maintained. Microsoft did release several scripts you can use that do essentially the same thing for current operating systems.
These scripts leverage the W. S. U S s see end to dark cab file in order to gather information on missing updates. This file contains metadata of only security updates, roll ups and service packs, which we mentioned in Module two,
the Windows Security and for infrastructure.
Microsoft Windows is by far the most widely used operating system in almost every environment and is, unfortunately often miss configure it
or fortunately, depending on which side of security year on this can create many security holes. Currently, the exploit database or exploit Deby has over 8000 exploits running under the Windows platform.
File shares can cause a lot of problems, for I see professionals, including cast credentials and under authorized access or sharing of documents
following need Best practices. Advice from Microsoft will quickly lower your attack surface and strengthen your detection capabilities.
Depending on the environment that you're in, this could be a very easy task and quick win to help secure the network
e Mets or Mike Soft enhanced the mitigation experience. Toolkit is a free window security tool that can add supplemental defense to third party applications or legacy applications.
And last but certainly not least, is the Windows Defender. It's a free built in an ongoing protection for the modern Windows operating system.
So Microsoft enhanced mitigation experience Tool Skip, a tool kit or E met for Short is a free Windows based security tool that adds Supplemental security Defense is to defend potentially vulnerable legacy or third party applications. It works on all currently supported operating systems
Windows Operating systems, although the newest version on Lee supports
Vista Service Pack two and above.
So Yvette uses 12 specific mitigation techniques that help to prevent exploits related to memory corruption, making it much more difficult for Attackers to find and exploit these vulnerabilities and those third party applications. So some of those specific techniques that it uses include
Data execution prevention,
which is a security feature that helps prevent code and system memory from being using correctly
mandatory address space layout Random ization, which is a technology that makes it difficult for exploits to find specific addresses in a system to memory
structured exception Handler Override protection is a mitigation technique that blocks exploits that attempt to exploit stack overflows
Export address table access Filtering is a technology that blocks and exploits ability to find the location of a certain function in memory.
Anti return oriented programming is a medication technique that prevents hackers from bypassing D P or the date execution prevention
SSL, or T. L s Certificate Trust. Pinning is a security feature and emails that that helps detect man in the middle attacks, leveraging the P K. I or public key infrastructure.
If you'd like to learn more about event or download it, you can get it from Microsoft dot com slash e m e t.
Hardening the Windows OS Heartening is the process of securing a system by reducing the vulnerability surface. The following tips apply not just two windows specifically, but any computer system.
The first thing you should do when attempting to hard in your own personal system or an enterprise network full of Windows Systems is to upgrade to supported versions of that operating system.
You would be surprised how many environments that I've run into that could be exploited by M. S. 08 67 which is ah, extremely common in easy to explain vulnerability on women's X P 2000 and Server 22,003. If I remember correctly,
it is important to keep your OS upgraded to the currently
supported version. But, um, Windows has actually released several critical patches for older versions of Windows. Just Thio help stop them
regularly patching Windows and your third party applications can stop a huge number of attacks.
Some of the largest breaches over the last 10 years have all come from unpatched software. Some of those include the Equifax Breach, the Mary A breach and the target breach.
Most of these Apaches were extremely old as well.
Most reputable companies release regular patches for their software
and even emergency patches. If of vulnerability or anything is disclosed, applying these patches will stop a large number of attacks.
Another great way too hard in the Windows OS is to skin for open shares.
If you don't know what's open, it's much more difficult to close it or even manage access.
This could be done with a few different tools, including and map and power shell.
Being proactive and knowing where your security holes are makes it much easier to fix or mitigate any issues you may come across
another great way to lower your attack surfaces to just follow best practices. There's a reason the experts are offering advice on how to configure and manage their applications or software.
While some of these things are more easily said than done, following these four things will lower the attack surface of your network greatly. If you can't follow all four, try and mitigate when possible.
If you've got old software that can't be patched or is no longer supported,
maybe you can try and protect it with the Met.
If there's a PC or server that can't be upgraded anymore, try and segment and, as much as possible, the network to limit the access to and from it.
The Windows Defender Anti virus is a built in an time, our solution on Windows operating systems that provides next generation protection for desktops, portable computers and servers.
Um, because it is built into the winner's OS. There's nothing to install or by it's completely built into him.
Windows Defender includes cloud deliver protection for detection and blocking of new and emerging threats, including signature and behavior based detection. Sze
Windows defender uses heuristic analysis to provide real time protection along with standards. Sorry, this standard signature based protection scanning, which you can launch at any time so that scans for known signatures of malware that are in their database.
You can also set up controlled fuller access to help protect from ransomware attacks.
One really cool feature the Windows has added is actually the ability for Windows security to turn Windows Defender off automatically if another anti virus application is installed and then automatically turn it back on if you uninstall that other antivirus application,
which really just means less configuration and less management from you.