mirror of
https://github.com/TommyTran732/Windows-Setup.git
synced 2024-11-24 17:11:43 -05:00
Compare commits
3 Commits
3aa5d50728
...
e014370480
Author | SHA1 | Date | |
---|---|---|---|
e014370480 | |||
1863c622cd | |||
fb28b39fda |
@ -0,0 +1,13 @@
|
|||||||
|
# Internet Communication settings
|
||||||
|
|
||||||
|
`Computer Configuration\Administrative Templates\System\Internet Communication Management\Internet Communication settings`
|
||||||
|
|
||||||
|
These look quite old so I am not sure if they apply to modern Windows versions or not. It doesn't hurt to set them either ways
|
||||||
|
|
||||||
|
- Turn off Windows Customer Experience mprovement Program -> Enabled
|
||||||
|
- Turn off downloading of print drivers over HTTP -> Enabled
|
||||||
|
Turn off printing over HTTP -> Enabled
|
||||||
|
- Turn off Help and Support Center "Did you know?" content -> Enabled (These are probably not that useful and will just be annoying)
|
||||||
|
- Turn off Windows Error Reporting -> Enabled
|
||||||
|
- turn off Search Companion content file updates -> Enabled
|
||||||
|
- Turn off Windows Messenger Customer Experience Improvement Program -> Enabled
|
@ -0,0 +1,7 @@
|
|||||||
|
# Application Compatibility
|
||||||
|
|
||||||
|
`Computer Configuration\Administrative Templates\Windows Components\Application Compatibility`
|
||||||
|
|
||||||
|
These look quite old so I am not sure if they apply to modern Windows versions or not. It doesn't hurt to set them either ways.
|
||||||
|
|
||||||
|
- Turn off Application Telemetry -> Enabled
|
@ -4,7 +4,9 @@
|
|||||||
|
|
||||||
Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) -> Enable -> XTS-AES 256-bit for operating system, fixed data, and removable drives.
|
Choose drive encryption method and cipher strength (Windows 10 [Version 1511] and later) -> Enable -> XTS-AES 256-bit for operating system, fixed data, and removable drives.
|
||||||
|
|
||||||
|
**The disable new DMA devices when computer is locked should only be enabled if your computer does not support kernel DMA protection.**
|
||||||
|
|
||||||
## Operating System Drives
|
## Operating System Drives
|
||||||
|
|
||||||
- Require additional authentication at startup -> Enabled -> Do not allow TPM, Allow startup PIN with TPM, Do not allow startup key with TPM, Allow startup key and PIN with TPM. (**This is especially important as we do not want the TPM to automatically release the encryption key at boot.**)
|
- Require additional authentication at startup -> Enabled -> Do not allow TPM, Allow startup PIN with TPM, Do not allow startup key with TPM, Allow startup key and PIN with TPM. (**This is especially important as we do not want the TPM to automatically release the encryption key at boot.**)
|
||||||
- Allow enhanced PINs for startup -> Enabled.
|
- Allow enhanced PINs for startup -> Enabled.
|
Loading…
Reference in New Issue
Block a user