Advanced Plus Security sirius777 Security Configuration 2022

Thread starter sirius777
Start date Feb 28, 2022

Last updated: Feb 28, 2022

How it's used?: For home and private use

Operating system: Windows 10

On-device encryption

Log-in security

Security updates: Allow security updates

User Access Control: Always notify

Smart App Control

Network firewall

Real-time security: Microsoft Defender

Firewall security: Microsoft Defender Firewall

About custom security

Simple Windows Hardening
Configure Defender > HIGH
Controlled folder access (ransomware protection)
Firewall Hardening > LOLBins + Recommended H_C
Enabled block at first sight via Local Group Policy Editor
Enabled network protection
Disabled Windows Script Host
Microsoft Defender > sandbox
Enabled Secure Boot

Periodic malware scanners: Microsoft Defender Offline Scan
Kaspersky Virus Removal Tool
Emsisoft Emergency Kit

Malware sample testing: I do not participate in malware testing

Browser(s) and extensions

Browsers:
- Microsoft Edge
- Google Chrome
- Brave
- Firefox

Extensions:
- uBlock Origin > Advanced user, Prevent WebRTC from leaking local IP addresses, Block CSP reports, Disable JavaScript, Block remote fonts, blocked 3rd party frames, blocked 3rd-party (hard mode), and custom rules.
- Facebook Container (Firefox only)

Chrome, Edge, and Brave flags:
- #strict-origin-isolation

Microsoft Edge additional settings:
- Microsoft Defender SmartScreen
- Block potentially unwanted apps
- Tracking protection > balanced
- Secure DNS

Google Chrome additional settings:
- Enhanced protection
- Secure DNS

Brave additional settings:
- Secure DNS
- Clear browsing data on exit

Firefox additional settings:
- Tracking protection > strict
- Secure DNS

Custom exploit protection settings for browsers:
- Block low integrity images - ON
- Block remote images - ON
- Block untrusted fonts - ON
- Code integrity guard - ON (Also allow loading of images signed by Microsoft Store) ----> only for Microsoft Edge
- Control flow guard (CFG) - ON
- Data execution prevention (DEP) - ON + Enable trunk emulation
- Disable extension points - ON
- Force randomization for images (Mandatory ASLR) - ON + Do not allow stripped images
- Randomize memory allocations (Bottom-up ASLR) - ON + Don't use high entropy
- Validate exception chains (SEHOP) - ON
- Validate handle usage - ON
- Validate heap integrity - ON
- Validate image dependency integrity - ON

Secure DNS: Microsoft Edge, Firefox, and Brave: Cloudflare
Google Chrome: Google DNS

Desktop VPN: Windscribe

Password manager: KeePass portable and KeePassXC

Maintenance tools

Samsung Magician
Storage Sense

File and Photo backup

External hard drive (copy and paste)
AOMEI Backupper Pro
Google Drive
Mega

System recovery: AOMEI Backupper Pro

Risk factors

- Browsing to popular websites
- Opening email attachments
- Buying from online stores, entering banks card details
- Logging into my bank account
- Downloading software and files from reputable sites
- Sharing and receiving files and torrents

Computer specs: Device: ASUS A455L
CPU: Intel Core i5-5200U (2.7GHz)
GPU: GeForce 930m
RAM: 8GB
Storage: 250GB SAMSUNG 860 EVO SSD

Notable changes: Not much has changed since 2021.

What I'm looking for?: Not looking for any feedback.

sirius777

Level 2

Thread author

Feb 28, 2022

#1

Not much has changed since 2021.

Reactions: Venustus, Moonhorse, oldschool and 2 others

Similar threads

Advanced Plus Security Minimalist's Security Configuration 2024

Replies: 3

Views: 876

PC Setup Configuration Help & Showcase Dec 24, 2023

Minimalist

On Sale! Bitdefender Internet Security: 1 Dev., 1 Year, $ 16.50

Replies: 0

Views: 261

Discounts and Deals Feb 15, 2024

Brownie2019

M

Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

Microsoft Threat Intelligence
Apr 25, 2024
Microsoft Defender

Replies: 0

Views: 151

Microsoft Defender Apr 25, 2024

Microsoft Threat Intelligence

M

Top