Tomster/Windows-Setup
1
0
Fork 0
mirror of https://github.com/TommyTran732/Windows-Setup.git synced 2024-11-21 15:41:45 -05:00
Code

Update policies

Browse Source 
Signed-off-by: Tommy <contact@tommytran.io>
This commit is contained in:
Tommy 2023-12-30 21:54:28 -07:00
parent 5fc82e27fc
commit 5906bad9b8
Signed by: Tomster
GPG Key ID: 555C902A34EC968F
8 changed files with 24 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

0
Group Policies Objects/Computer Configuration/System/Windows Time Service.md → Group Policies Objects/Computer Configuration/Parallels/Windows Time Service.md
View File

5
Group Policies Objects/Computer Configuration/System/Device Guard.md
View File

@ -1,5 +0,0 @@
# Device Guard
`Computer Configuration\Administrative Templates\System\Device Guard`
- Turn On Virtualization Based Security -> Enabled (**Only do this if you are running Windows on bare metal or with nested virtualization**)

5
Group Policies Objects/Computer Configuration/Windows Components/Controlled Folder Access.md
View File

@ -1,5 +0,0 @@
# Controlled Folder Access
`Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Controlled Folder Access`
- Configure Controlled folder access -> Enabled -> Block

11
Group Policies Objects/Device Guard.md Normal file
View File

@ -0,0 +1,11 @@
# Device Guard
`Computer Configuration\Administrative Templates\System\Device Guard`
- Turn On Virtualization Based Security -> Enabled (**Only do this if you are running Windows on bare metal or with nested virtualization**)
1. Select Platform Security Level: Secure Boot and DMA Protection
2. Virtualization Based Protection of Code Integrity: Enabled with UEFI lock
3. Credential Guard Configuration: Enabled with UEFI lock
4. Secure Launch Configuration: Enabled
5. Kernel-mode Hardware-enforced Stack Protection: Enabled in enforcement mode

15
Group Policies Objects/Computer Configuration/Windows Components/Network Protection.md → Group Policies Objects/Microsoft Degender Antivirus
View File

@ -1,4 +1,9 @@
# Network Protection
# Microsoft Defender Antivirus
`Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus`
## Network Protection
Only relevant if SmartScreen is used.
@ -9,4 +14,10 @@ Documentation:
`Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Network Protection`
This settings controls whether Network protection is allowed to be configured into block or audit mode on Windows -> Enabled (Only relevant if running Windows Server)
Prevent users and apps from accessing dangerous websites -> Enabled -> Block
Prevent users and apps from accessing dangerous websites -> Enabled -> Block
## Controlled Folder Access
`Computer Configuration\Administrative Templates\Windows Components\Microsoft Defender Antivirus\Microsoft Defender Exploit Guard\Controlled Folder Access`
- Configure Controlled folder access -> Enabled -> Block

0
Group Policies Objects/Computer Configuration/Windows Components/Widgets.md → Group Policies Objects/Widgets.md
View File

0
Group Policies Objects/Computer Configuration/Windows Components/Windows Messenger.md → Group Policies Objects/Windows Messenger.md
View File

0
Group Policies Objects/Computer Configuration/Windows Components/Windows Update.md → Group Policies Objects/Windows Update.md
View File