Windows 7 system security Tuning Setup Tutorial

Compared to the traditional operating system, the Win 7 system is even more secure, but that does not mean that the security of the system is safe, because many of the security features of the system are not enabled or set in the default state, and we must set them properly to make these security functions work. In that way, the security of Win 7 system can be a higher level!

1, use the BitLocker function, protect disk privacy information

With the increasing popularity of mobile media, the protection of data security in these mobile media has become a topic of great concern; In order to adapt to such security requirements, the Win 7 system has added new protection for mobile device security of the overall encryption function, which is the function of BitLocker. Although the traditional BitLocker feature is only valid for System Setup disks and is difficult to configure, it is necessary to create separate disk partitions manually, but the win 7 system has overcome these drawbacks and we can easily configure BitLocker enabled for USB devices, Flash devices to encrypt, even if these mobile devices are lost, other people will not easily steal the data content, so that there is no need to worry about privacy information leaked.

When configuring BitLocker enabled in the Win 7 system, we can open the Start menu of the system, tap the Control Panel option, open the Control Panel window of the corresponding system, and select the system and security, BitLocker Drive Encryption feature icon in turn. Enter the disk drive list interface;

Second, select the target partition that requires privacy protection, click the Enable BitLocker link on the right side of the partition, open the BitLocker Drive Encryption Wizard Settings screen as shown in Figure 1, select the "Unlock Drive with password" option, and enter the appropriate unlock password

Then click the Next button, when the wizard screen asks us how to store the recovery key, we can save it as a text file as needed or print it directly, and then click the "Start Encryption" button, so that the target partition is encrypted successfully, and you must rely on the legal key to access the data content in the future. If the key content is not remembered, then no one can peek at the privacy information.

2, good at enabling restrictive policies, the denial of vulnerability program is exploited

To protect system security, it is believed that many people will regularly update the system vulnerabilities on a regular basis to ensure that system vulnerabilities are not exploited by illegal attackers, but this approach only protects the Windows system's own security vulnerabilities and does not protect some application vulnerabilities. To prevent these application vulnerabilities from being exploited illegally, we can skillfully configure the win 7 system's software restriction policy to limit the free connection of applications that contain vulnerabilities, and the following are the specific restriction steps:

First, open the Win 7 system's Start menu, click "All Programs"/"Attachments"/"Run" commands, enter the string command "Gpedit.msc" in the pop-up system run text box, then eject the System Group Policy Console window after clicking Enter;

Second, expand the Computer Configuration/Windows Settings/Security Settings/Software Restriction policy node options at the left of the console window, right-click the Software Restriction Policy option, and execute the Create Software Restriction Policy command on the shortcut menu;

Select the mandatory option under the Software Restriction Policy Branch node and double-click the option to open the Option Settings dialog box shown in Figure 2, select the "All users except local Administrators" option, and click OK to perform the save operation

Next, select the other rules subkey from the Software Restriction Policy Branch node. Then right-click the subkey, select New Path Rule from the shortcut menu that pops up, pop up the new Path Rule Settings window, click the Browse button, highlight the target application that contains the vulnerability, and then add it in, and finally the security level Adjusted to "not allowed", so that the illegal attacker could not use the target application vulnerabilities to attack the win 7 system at any later date.

3, good at controlling the UAC function, improve the level of security guard

The UAC feature is not a new feature of the win 7 system, but compared to the UAC features under Vista and win 2008, the user Account Control function in Win 7 has improved significantly, and the distinction between illegal operations and legitimate operations is much more intelligent, And we can according to the actual security needs to control the UAC security level freely, strives for the operation efficiency and the security performance two not to be mistaken. In order to improve the level of security, the Win 7 system specifically provides users with the UAC function control scroll bar, the user simply drag the mouse, can be operating efficiency and system security to find a balance between.

To keep the win 7 system as stable as possible, we should try to adjust the UAC security level to "always notify," and with this setting, the Win 7 system pops up with a much smaller security hint than the Vista system. When you adjust the UAC security level, we can click the "Start", "Control Panel" command on the Win 7 system desktop, click the "User account and home security", "User account" icon option in the Pop-up System Control Panel window, and click on the user Account Control list interface. Change the user Account Control Settings button to open the Settings dialog shown in Figure 3;

Check that the control button for the UAC function is at the "Always notify" position, and if it is not in this position, we must move the move button to that position in time, and then click OK to save the setup operation so that the security guard level of the win 7 system will be significantly improved. Then the security threat to the system will naturally decline.

4, the use of intelligent filtering function, beware of malicious page attacks

Many web pages on the Internet now have malicious controls or virus code behind them, once users accidentally visit these sites, they will encounter these malicious control or virus code attack, light system will be network virus attack, serious time the local hard drive may be secretly formatted. In order to prevent the local system from encountering malicious pages of illegal attacks, the Win 7 system with the new Internet Explorer added intelligent filtering function, once we successfully enabled the feature, local IE browser can automatically link up with Microsoft's Web site database, so that the audit Proofing target Site page is safe, This can effectively reduce the likelihood that the local system will be illegally attacked by malicious sites. When you enable the Smart Filter feature of the Win 7 system with IE browser, we can do the following:

First, open the win 7 system with its own IE browser window, click the Tools option in the menu bar of the window, click the SmartScreen Filter option from the Drop-down menu, and click the Open SmartScreen Filter command from the subordinate menu to eject the settings dialog shown in Figure 4.

Second, select the Open SmartScreen Filter option in the Settings dialog box and click OK to save the settings so that the smart filtering feature automatically pops up warning us when the computer we're visiting is simulating another Web site or is threatening its own computer.

5, make good use of backup restore function, easy to restore important data

As the saying goes, "while, outsmart", many times almost impossible, even if we have a very perfect security settings, but encountered a number of sudden virus coming, many security measures may still be fragile. In order to avoid catastrophic damage caused by sudden virus, we only have to backup the important data in time, when we encounter system crash, we can resolve the security threat by simple data recovery operation. The Win 7 system provides users with powerful data backup and restore capabilities, and we can do the following to back up important data:

First, open the win 7 system "Start" menu, select the "Control Panel" command, in the Pop-up System Control Panel window, click the System and security, backup and Restore function icon, open the corresponding system's backup and restore Management window;

Second, continue clicking the "Set Backup" button, open the Setup dialog shown in Figure 5, select the disk partitioning option where the important data information is located, and click the Next button, and then the wizard screen prompts you to ask us what data we want to back up, and we can select the target backup content according to our actual needs, and then click Save the settings and run the backup button so that the target data content can be backed up successfully.

Once the win 7 system is paralyzed and not functioning properly, we do not have to worry about the security of important data, simply reinstall the operating system, and then perform a System Restore function to restore the important data of good backup to success.