mirror of
https://github.com/TommyTran732/Windows-Setup.git
synced 2024-11-09 09:41:46 -05:00
Compare commits
4 Commits
3863723105
...
6330a1f396
Author | SHA1 | Date | |
---|---|---|---|
6330a1f396 | |||
686ef5b0a9 | |||
eeadf80b62 | |||
737f4111a1 |
@ -0,0 +1,5 @@
|
||||
# AutoPlay Policies
|
||||
|
||||
`Computer Configuration\Administrative Templates\Windows Components\AutoPlay {p;ocoesy`
|
||||
|
||||
- Turn off Autoplay -> Enabled
|
@ -9,4 +9,5 @@ Choose drive encryption method and cipher strength (Windows 10 [Version 1511] an
|
||||
## Operating System Drives
|
||||
|
||||
- Require additional authentication at startup -> Enabled -> Do not allow TPM, Allow startup PIN with TPM, Do not allow startup key with TPM, Allow startup key and PIN with TPM. (**This is especially important as we do not want the TPM to automatically release the encryption key at boot.**)
|
||||
- Allow enhanced PINs for startup -> Enabled.
|
||||
- Allow enhanced PINs for startup -> Enabled.
|
||||
- Configure TPM platform validation profile for native UEFI firmware configurations -> Enabled -> PCR 0,1,2,3,3,4,5,6,7,11
|
@ -0,0 +1,5 @@
|
||||
# Software Protection Platform
|
||||
|
||||
`Computer Configuration\Administrative Templates\Windows Components\Software Protection Platform`
|
||||
|
||||
- Turn off KMS Client Online AVS Validation -> Enabled
|
Loading…
Reference in New Issue
Block a user