SECURITY: Complete Thiagoo Security Configuration 2021

Last updated
Jul 10, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 10
Linux distro
Ubuntu 20.04
OS edition
Home
Login security
    • Password (Aa-Zz, 0-9, Symbols)
Primary sign-in
Microsoft account
Primary user
Admin user - Full permissions
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
ISP-issued router
Real-time protection
Hardened Microsoft Defender
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
Memory Integrity enabled in Core Isolation
Mandatory ASLR enabled
Controlled Folders enabled
Simple Windows Hardening
ConfigureDefender set to Maximum
FirewallHardening set to LOLBins, Recommended H_C
Windows features like IE11, SMB and printing disabled to reduce attack surface

Edge Chromium with custom Exploit Protection settings and flags:
#smooth-scrolling (enabled)
#enable-gpu-rasterization (enabled)
#load-media-router-component-extension (disabled)
#disallow-doc-written-script-loads (enabled)
#post-quantum-cecpq2 (enabled)
#block-insecure-private-network-requests (enabled)
#enable-parallel-downloading (enabled)
#edge-experimental-tracking-prevention-features (enabled)
#strict-origin-isolation (enabled)
Malware testing
No malware samples
Periodic security scanners
HitmanPro and AdwCleaner
Secure DNS
Cloudflare 1.1.1.1
VPN
None
Password manager
Bitwarden
Browsers, Search and Addons
Edge Chromium

uBlock Origin
Bitwarden
Bitdefender TrafficLight
Maintenance and Cleaning
Process Explorer
Autoruns
Raxco PerfectDisk (defrag)
ThrottleStop
Personal Files & Photos backup
Google Drive
Personal backup routine
Manual (maintained by self)
Device recovery & backup
Macrium Reflect 7 Free, backup is stored on secondary HDD
Device backup routine
Automatic (scheduled)
PC activity
  1. Working from home. 
  2. Browsing the web. 
  3. Downloading software. 
  4. PC and cloud gaming. 
  5. Streaming. 
  6. App developer. 
Computer specs
Acer Nitro 5 AN515-52
Intel i7 8750h
NVIDIA GeForce 1050ti 4GB
16GB RAM DDR4

128GB SSD
1TB HDD
Personal changelog
-Switched to Microsoft account
-Added Ubuntu 20.04 to Linux Distro (dual boot)
Feedback Response

Most critical feedback

Thiagoo

Level 3
May 10, 2021
95
A new version of my previous Security Configuration for 2021, this time using only Windows built-in security options. This configuration uses less resources and from my view it's considerably better than the previous one.

Any feedback is appreciated!
 
F

ForgottenSeer 85179

Take a look at NextDNS and Quad9 as Cloudflare isn't that good:
https://www.youtube.com/watch?v=wSAWCMTwPiU
https://www.youtube.com/watch?v=imlFubYv8YY

Also, with an online Windows account, you can use Windows Hello which is more secure than a password.
A local attacker also can't get into your system with online account, but local accounts can be circumstanced.

And last but not least, you can convert your Admin account into an limited/ restricted account to decrease attack surface (y)
 
Top