Using group policies to protect Windows security from ten aspects (1)

In Windows, group policy applications are everywhere. How to make the system safer is also a constant topic, next let's take a look at how to implement a Golden Bell Hood for the Windows system through group policies.

1. Add security policies to our IP addresses

In "Computer Configuration"> "Windows Settings"> "Security Settings"> "IP Security Policy, there are several network-related configuration items under" Local Computer ". 1 ). If you are familiar with the Internet, you can also use it to add or modify more network security settings, which makes it safer to run network programs on Windows or to swim over the Internet.

Figure 1 tips: This item is relatively professional and involves many professional concepts. Generally, users may not be able to use it. Here, we just give the network administrator a wake up, So I skipped it here.

2. Hide the drive. After we hide the folder, you only need to display all the files in the folder option. You can delete this option in the Group Policy: select "user configuration> management template> Windows Components> Windows Resource Manager" 2 ).

Figure 2

3. Disable the specified file type

In "Group Policy", we can disable program file types such as SHS, MSI, BAT, CMD, COM, and EXE without affecting the normal operation of the system. Assume that you want to disable the REG file of the Registry and prevent the system from running the REG file. The procedure is as follows:

1. open the Group Policy, click "Computer Configuration> Windows Settings> Security Settings> Software Restriction Policy", and choose "create Software Restriction Policy" from the shortcut menu ", generate "security level", "other rules", "force", "assigned file type", and "trusted publishers" (Figure 3 ).

Figure 3