To evaluate the security of your workstation configuration, review the configuration categories shown in Table 6. Start by using the categories to evaluate the security configuration of the base operating system. Then apply the same configuration categories to review your IIS, SQL Server, and .NET Framework installations.

Configuration Category | Methodology |
---|---|
Patches and updates | Set up Automatic Updates. Use MBSA or Windows Update to verify that the latest updates are installed. |
Services | Disable unused services. |
Protocols | Check that SMB and NetBIOS over TCP are removed if your workstation is not a member of a domain. |
Accounts | Check that all local accounts use strong passwords. |
Files and directories | Be sure your workstation uses only NTFS partitions. |
Shares | Enumerate shares, remove unnecessary ones, and secure the remaining ones with restricted permissions. |
Ports | Ensure that unused ports are closed by disabling the service that has the port open. To verify which ports are listening, use the netstat -n -a command. |
Registry | Disable null sessions. |
Auditing and logging | Audit failed Windows attempts to log on and log failed actions across the file system. |
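
The Ports and Protocols checks above can be automated by parsing saved `netstat -n -a` output. The following is an added example, not part of the original guidance: it assumes the Windows netstat column layout and a workstation that is not a domain member, and the sample output, the `expected` allow-list and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of Windows `netstat -n -a` output (not from the original page).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1433         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING
  TCP    192.168.1.10:49712     203.0.113.5:443        ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:137            *:*
  UDP    192.168.1.10:138       *:*
"""

# Well-known NetBIOS over TCP/IP (137-139) and direct-hosted SMB (445) ports.
SMB_NETBIOS = {137: "NetBIOS name", 138: "NetBIOS datagram", 139: "NetBIOS session", 445: "SMB"}

def open_sockets(netstat_text):
    """Yield (proto, address, port) for TCP listeners and bound UDP sockets."""
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        proto, local = fields[0], fields[1]
        # UDP rows have no State column; TCP rows count only when LISTENING.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        host, _, port = local.rpartition(":")  # rpartition keeps IPv6 colons in host
        yield proto, host.strip("[]").split("%")[0], int(port)

def review(netstat_text, expected):
    """Return sorted findings for sockets reachable from the network that are
    SMB/NetBIOS or missing from `expected`, a set of (proto, port) pairs."""
    findings = set()
    for proto, host, port in open_sockets(netstat_text):
        if ipaddress.ip_address(host).is_loopback:
            continue  # bound to loopback only, not reachable remotely
        if port in SMB_NETBIOS:
            findings.add((proto, port, SMB_NETBIOS[port] + " still enabled"))
        elif (proto, port) not in expected:
            findings.add((proto, port, "unexpected listener"))
    return sorted(findings)

if __name__ == "__main__":
    for proto, port, reason in review(SAMPLE, expected=set()):
        print(f"{proto}/{port}: {reason}")
```

Each finding maps back to a service to disable; rerun the check afterwards to confirm the port is no longer listed.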