Configuration could follow best practices and include the following:
- Password best practices
  - Setting strong passwords
  - Password expiration
  - Changing default user-names/passwords
  - Screensaver required password
  - BIOS/UEFI passwords
  - Requiring passwords
- Account management
  - Restricting user permissions
  - Login time restrictions
  - Disabling guest account
  - Failed attempts lockout
  - Timeout/screen lock
- Disable autorun
- Data encryption
- Patch/update management
- Turn off unused services
- Look at hidden folders
- Study local security policies and what they prevent

Process/Skill Questions:
- Why should individual users be trusted to configure their own security settings?
- How might one configure security on a workstation? What should be taken into consideration when doing so?
- Why should the guest account be disabled?
- What are two versions of “security best practices” for one's computer? Does the computer have all the items covered?
- What are the advantages and disadvantages of data encryption?