In-depth mining to bring Windows 7 security to the next level

Compared with traditional operating systems, Windows 7 is more secure than Windows 7, but this does not mean that the security of Windows 7 is not guaranteed, because many security functions of the system are not enabled or set by default, we must set them appropriately to make these security functions play their due role, in this way, the security of the Win 7 system can be upgraded to another level!

1. Use BitLocker to protect disk privacy information

 

With the increasing prevalence of mobile media, protecting data security in these mobile media has become a topic of great concern. To meet such security requirements, windows 7 has a new full-disk encryption function to protect the security of mobile devices. This function is actually a BitLocker function. Although the traditional BitLocker function can only be effective for system disk installation and is difficult to configure, you must manually create independent disk partitions, but Windows 7 has overcome these shortcomings, we can easily configure and enable BitLocker to encrypt USB and flash devices. Even if these mobile devices are lost in the future, others will not easily peek at the data, in this way, you do not have to worry about privacy information leakage.

When you enable BitLocker in Windows 7, you can open the "Start" menu of the system and click the "control panel" option to open the control panel window of the corresponding system, select "system and security" and "Bitlocker drive encryption" to go to the disk drive list page;

Next, select the target disk partition for privacy protection, and click the "enable Bitlocker" link on the right of the corresponding partition to open the Bitlocker drive encryption wizard setting interface shown in 1, select the "unlock drive with password" option and enter the appropriate unlock password;

Click "Next". When the wizard screen asks us how to store the recovery key, we can save it as a text file or print it directly as needed, finally, click "enable encryption" to encrypt the target disk partition. In the future, you must use a valid key to access the data. If you cannot remember the key content, no one can peek at the privacy information.

2. Good at enabling Restriction Policies and rejecting exploitation of vulnerability programs

To protect system security, we believe that many people will regularly update system vulnerability patches online to ensure that system vulnerabilities are not exploited by illegal attackers. However, this method can only protect Windows system security vulnerabilities, but cannot protect some application vulnerabilities. To prevent these application vulnerabilities from being exploited, We Can skillfully configure the Software Restriction Policy of Windows 7 to restrict those applications that contain the vulnerabilities to freely connect to the network, the following are the specific restrictions:

First, open the "Start" menu of Windows 7, and click "All Programs", "attachments", and "run" commands in sequence, in the pop-up system run text box, enter the string command "gpedit. msc, click the Enter key to bring up the system Group Policy console window;

Expand the "Computer Configuration", "Windows Settings", "Security Settings", and "Software Restriction Policy" Node options at the left of the console window, right-click the "Software Restriction Policy" option and execute the "Create Software Restriction Policy" command in the shortcut menu;

Next, select the "force" option under the "Software Restriction Policy" branch node, and double-click the option with the mouse to open the option Setting Dialog Box shown in 2, select the "All Users except the local administrator" option and click "OK" to save the settings;

Next, select the "Other Rules" subitem under the "Software Restriction Policy" branch node, right-click the subitem, and click "New Path rule" from the shortcut menu, the create path rule setting window is displayed. Click "Browse" to select and add the target application that contains vulnerabilities, and then adjust "Security Level" to "not allowed ", in this way, attackers will not be able to exploit the vulnerability of the target application to attack Win 7 in the future.
3. Good at controlling UAC functions and improving the security level

The UAC function is not a new function in Windows 7. However, compared with the UAC function in Windows Vista and Windows 2008 systems, the User Account Control Function in Windows 7 has been significantly improved, the difference between illegal operations and legal operations is much more intelligent, and we can freely control the UAC security level based on actual security needs, and strive to ensure both operational efficiency and security performance. To improve the security level, Win 7 provides the UAC function to control the scroll bar. You only need to drag the mouse, the operation efficiency and system security can be balanced.

To make Windows 7 system run as stably as possible, we should try to change the UAC security level to "always notification ", in addition, Windows 7 has fewer security prompts than Vista. When adjusting the UAC security level, we can click the "Start" and "Control Panel" commands on the Windows 7 system desktop, in the displayed system control panel, click "User Account and home security" and "User Account" icon to go to the User Account Control List page, click the "Change User Account Control Settings" button to open the Setting Dialog Box shown in 3;

Check whether the UAC control button is in the "always notification" position. If it is not in this position, we must promptly move the move button to this position, click the "OK" button to save the above settings. As a result, the security protection level of Win 7 system will be significantly improved, and the security threats to the system will naturally be greatly reduced.

 

4. Use smart filtering to prevent malicious page attacks

 

Nowadays, many website pages on the Internet contain malicious controls or virus code. Once users accidentally access these websites, they will be attacked by these malicious controls or virus code, if it is light, the system will be attacked by a network virus. In severe cases, the local hard disk may be secretly formatted. To prevent malicious page attacks on the local system, the IE browser of Windows 7 has added the smart filtering function. Once we enable this function successfully, the local IE browser can automatically link to Microsoft's website database to check whether the pages of the target website are secure. This can effectively reduce the possibility that the local system will be attacked by malicious sites. When enabling the smart filtering function of Windows 7 with IE browser, we can follow the steps below:

Open the IE browser window that comes with Windows 7, click the "Tools" option in the menu bar, and click the "SmartScreen filter" option from the drop-down menu, click the open SmartScreen filter command from the lower menu to bring up the Setting Dialog Box 4;

Select the "open SmartScreen filter" option in the Setting dialog box, and click "OK" to save the preceding settings, in this way, when the computer we are visiting simulates other websites or threatens our computer in the future, the smart filtering function will automatically prompt you with a warning.

5. Make full use of the backup and restoration functions to easily restore important data

As the saying goes, "the sky is high and the sky is high." In many cases, it is almost impossible to defend against attacks. Even if we have made perfect security settings, many security defense measures may still be vulnerable to sudden viruses. To avoid catastrophic damage caused by sudden viruses, we only need to back up important data in a timely manner. When the system crashes, simply performing data recovery can resolve security threats. Windows 7 provides powerful data backup and restoration functions. We can back up important data as follows:

First, open the Start Menu of Windows 7 and click the control panel command, in the displayed system control panel window, click system and security, backup and restore to open the Backup and Restore Management window for the corresponding system;

Next, click "set backup" to open the Setting Dialog Box shown in 5, select the disk partition option for important data information, and click "Next, then, the wizard displays a prompt asking us what data we want to back up. We can select the target backup content as needed, and click "Save settings and run backup, in this way, the target data content can be backed up successfully.

If the Windows 7 system fails to run normally in the future, we don't have to worry about the security of important data. We just need to simply reinstall the operating system and then execute the System Restoration function, to recover the important data backed up successfully.