Advanced Security Morro Security Config 2024

Last updated
Sep 21, 2024
How it's used?
For home and private use
Operating system
Windows 11
On-device encryption
BitLocker Device Encryption for Windows
Log-in security
    • Biometrics (Windows Hello PIN, TouchID, Face, Iris, Fingerprint)
    • Basic account password (insecure)
Security updates
Allow security updates
Update channels
Allow stable updates only
User Access Control
Always notify
Smart App Control
Off
Network firewall
Enabled
Real-time security
Microsoft Defender with Configure Defender set to High.
Firewall security
Microsoft Defender Firewall with Advanced Security
About custom security
I also use WHHLight with SWH+Smart screen Block and his Firewall Hardening.
Periodic malware scanners
* On demand scanners: Norton Power Eraser — EEK.
Malware sample testing
I do not participate in malware testing
Environment for malware testing
N/A
Browser(s) and extensions
Brave — Main
Firefox: Secondary

— In Brave I now use uBlock Lite and uBlock Origin in Firefox.
— SafeToOpen Online Security in Brave / F-Secure ext in FF
— KeePassXC
— Popup Blocker (Strict)
— Dark View
— Bonjourr Minimalistic Startpage

Exploit settings:

Block low integrity images — ON
Block remote images — ON
Block untrusted fonts — ON
Control flow guard (CFG) — ON
Data execution prevention (DEP) — ON + Enable thunk emulation — CHECKED
Disable extension points — ON
Force randomization for images (Mandatory ASLR) — ON + Do not allow stripped images — CHECKED
Randomize memory allocations (Bottom-up ASLR) — ON
Validate exception chains (SEHOP) — ON
Validate handle usage — ON
Validate heap integrity — ON
Validate image dependency integrity — ON
Secure DNS
Quad9
Desktop VPN
None
Password manager
Brave: KeePassXC
Firefox: KeePassXC
Maintenance tools
* Windows own tools.
* Wise Diskcleaner.
* Driver Store Explorer
* For software updates, I run this command once a week in Powershell.

winget upgrade --all --include-unknown --accept-package-agreements --accept-source-agreements
File and Photo backup
I started doing this manually to my external HD quit a while ago. And removed OneDrive about a week ago with AppBuster.
Subscriptions
    • None
System recovery
* Hasleo Backup Suite Free.
* External Hard Drive.
Risk factors
    • Browsing to popular websites
    • Opening email attachments
    • Downloading software and files from reputable sites
    • Gaming
Computer specs
* Operating System: Windows 11 Pro
* Motherboard: B560 ATX Wi-Fi / 1200 Socket (ATX)
* Processor: Intel i9 11900K - 8 cores - 16 threads - 3,5 GHz (Turbo 5,3 GHz)
* CPU Cooler: Master Liquid 240mm RGB(Active.) Air Cooling. (Passive.)
* SSD: 1TB M2.0 NVMe (Read: 3500MB/s, Write: 2700MB/s)
* External 5 TB WD Elements 25A3 USB Device
* RAM: RGB 32GB DDR4-3200 MHz (2x 16GB)
* Graphics card: Nvidia RTX 4060 8GB
* AOC Q27G2S - QHD IPS 165Hz Gaming Monitor - 27 Inch
* Outer casing: Sharkoon REV100
* Power: 750Watt - 80Plus GOLD
* Lan: Realtek 2.5 Gbps
* Sound: Realtek ALC892
* USB: 11 ports (Of different kinds.)
What I'm looking for?

Looking for medium feedback.

You may also like...