- make sure to answer the forensic questions.
- note down the users and admins from the readme file.
- Password Policy
  - System Access: (CONFIG in here)
    - Minimum Password Age: 1
    - Maximum Password Age: 60
    - Minimum Password Length: 14
    - Password Complexity: Enabled
    - Password History Size: 24
    - Lockout Bad Count: 5
    - Lockout Duration: 30
    - Force Logoff When Hour Expired: Enabled
    - Clear Text Password: Disabled
    - Enable Admin Account: Disabled
    - Enable Guest Account: Disabled
  - Event Audit
    - Audit System Events: Success
    - Audit Logon Events: Success
    - Audit Object Access: Success
    - Audit Privilege Use: Success
    - Audit Policy Change: Success
    - Audit Account Management: Success
    - Audit Process Tracking: Success
    - Audit DS Access: Success
    - Audit Account Logon: Success
- Firewalls
  - Firewall Rules
    - too much to list, see here
  - Firewall Profiles
    - make sure the firewall service is running and configurable
    - enable the entire firewall
    - set direction defaults
    - settings for profiles
    - unique settings for the Public profile
    - logging for the Domain, Private and Public profiles
- remove all printers
- remove insecure services (see here)
- remove insecure scheduled tasks (see here)
- add the authorized users and admins to a folder so the script can check through them
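
To check a machine against the System Access and Event Audit values listed above, the following added example (not part of the original script) exports the local policy with `secedit` and reports every setting that differs. It assumes an elevated prompt, a scratch file under `%TEMP%`, and the secedit template key names for each checklist item, where audit value 1 means Success.

```powershell
# Added example: compare the local security policy with the checklist baseline.
# Run elevated; secedit.exe needs administrator rights to export the policy.
$baseline = [ordered]@{
    MinimumPasswordAge        = 1
    MaximumPasswordAge        = 60
    MinimumPasswordLength     = 14
    PasswordComplexity        = 1   # Enabled
    PasswordHistorySize       = 24
    LockoutBadCount           = 5
    LockoutDuration           = 30
    ForceLogoffWhenHourExpire = 1   # Enabled
    ClearTextPassword         = 0   # Disabled
    EnableAdminAccount        = 0   # Disabled
    EnableGuestAccount        = 0   # Disabled
    AuditSystemEvents         = 1   # audit values: 1 = Success
    AuditLogonEvents          = 1
    AuditObjectAccess         = 1
    AuditPrivilegeUse         = 1
    AuditPolicyChange         = 1
    AuditAccountManage        = 1
    AuditProcessTracking      = 1
    AuditDSAccess             = 1
    AuditAccountLogon         = 1
}

$cfg = Join-Path $env:TEMP 'secpol-export.inf'   # scratch file (assumed path)
secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null

# Parse "Key = Value" lines from the exported template into a lookup table.
$current = @{}
foreach ($line in Get-Content $cfg) {
    if ($line -match '^\s*(\w+)\s*=\s*(.+?)\s*$') { $current[$Matches[1]] = $Matches[2] }
}
Remove-Item $cfg -Force

# One row per baseline setting; a key missing from the export counts as a failure.
$report = foreach ($key in $baseline.Keys) {
    [pscustomobject]@{
        Setting  = $key
        Expected = $baseline[$key]
        Actual   = if ($current.ContainsKey($key)) { $current[$key] } else { '(not set)' }
        Ok       = ($current[$key] -eq "$($baseline[$key])")
    }
}
$report | Format-Table -AutoSize
if ($report.Ok -contains $false) { exit 1 }   # non-zero exit when anything deviates
```

`LockoutDuration` only appears in the export once `LockoutBadCount` is non-zero, so it shows as `(not set)` on a machine where lockout has never been configured.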