Interesting Windows 10 Group Policy Configs

I went over some of the windows 10 group policy configurations and here are some interesting ones:
* Turn off DEP for explorer
* Turn off heap termination on corruption
* Turn off shell protocol protected mode
* Verify old and new folder redirection targets point to the same share before redirecting
* Enable protected event logging (allows PKI enryption on windows event logs)
* Do not connect to any windows update internet locations
* Specify intranet microsoft update service location
* Allow remote shell access (windows remote shell)
* Allow remote server management through winrm (windows remote management)
* Turn on powershell script block logging (logs the code which is actually executed)
* Allow users to patch elevated products
* Specify the types of events windows installer records in its transaction log
* Automatically send windows error reporting memory dumps for OS-generated error reports
* Ignore custom windows error reporting consent settings
* Windows defender – turn on behavior monitoring
* Windows defender – Turn on network protection against explots of known vulnerabilities
* Prohibit new task scheduler creation
* RDP – do not delete temp folders upon exit
* RDP – do not use temporary folders per session
* Allow non-administrators to install drivers for these device setup classes
* Allow remote access to the plug and play interface
* Prevent installation of removable devices
* Run these programs at windows logon
* Do not process the legacy run list
* Do not process the run once list
* Specify KDC proxy servers for kerberos clients


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s