SECURITY: Complete TopN0ch's 2021 Security Configuration

Last updated
Feb 19, 2021
About
Personal, primary device
Additional PC users
Not shared with other users
Desktop OS
Windows 10
OS License Type
Pro
Login security
    • Passwordless (PIN, Biometric, Face)
Primary sign-in
Microsoft account
Primary account rights
Administrator permissions
Other accounts rights
N/A - Single user account
Security updates
Automatic - allow all types of updates
Windows UAC
Maximum - always notify
Network firewall
Personal router w/ firewall & filtering
Real-time protection
Windows Defender for Endpoint (Formerly Defender ATP)
Software firewall
Microsoft Defender Firewall
Custom RTP, Firewall and OS settings
System settings:
- Reputation-based protection
- Check apps and files - Enabled
- Smart Screen for Microsoft Edge - Enabled
- Potentially unwanted app blocking - Enabled
- SmartScreen for Microsoft apps - Enabled
- Exploit protection - All Enabled except Mandatory ASLR
- Application Guard - Isolated browsing for Edge - Enabled
- Core Isolation
- Memory Integrity - Enabled
-
Defender Network Protection - Enabled
- Data Execution Prevention for all programs and services - Enabled/Default
- AutoPlay disabled

- SandBoxie-Plus
- GlassWire Elite with Virus Total check enabled
Malware research
No - malware samples are not downloaded
Periodic scanners
Malwarebytes Premium , TrendMicro HouseCall
DNS
- Cloudflare DNS with DoH managed by AdGuard Windows (system-wide)
VPN
Private Internet Access (PIA)
Password manager
Dashlane Premium
Browsers, Search and Addons
Microsoft Edge

Addons: Dashlane, AdGuard Browser Assistant, Honey (Disabled by default)
PC maintenance
Privazer
Personal Files & Photos backup
Daily - NAS & OneDrive (Encrypted) using SyncFolder
Personal backup routine
Automatic (scheduled)
Device recovery & backup
OneDrive, WD NAS
Device backup routine
Automatic (scheduled)
PC activity
  1. Browsing the web. 
  2. Emails. 
  3. Shopping. 
  4. Banking. 
  5. Downloading software. 
  6. Browsing to unknown sites. 
  7. PC and cloud gaming. 
Computer specs
Custom Build
CPU:: AMD Ryzen R9 3900X
GPU: nVidia GTX 1080Ti
RAM: Team Group T-Force 32GB 4133 MHz
Storage: CORSAIR Force Series Mp600 1TB Gen4
Feedback Response

Most critical feedback

SecurityNightmares

Level 35
Verified
Jan 9, 2020
2,470
Windows Defender for Endpoint (Formerly Defender ATP)
So you pay for it?

Data Execution Prevention for all programs and services - Enabled/Default
Default doesn't enforce enable.
Opt-In is default so you need manually adding programs.
You can get the status with this command line command:
bcdedit /enum (search for NX)
Most secure one is: AlwaysOn

RAM: Team Group T-Force 32GB 4133 MHz
That's very high frequency. Why so high?
Did you do it for your Ryzen too?
 

SecureKongo

Level 16
Verified
Malware Tester
Feb 25, 2017
770
I would look for another VPN in the future if I were you. Private Internet Access got acquired by Kape Technologies, a not so trustworthy company not too long ago.
 
Last edited:

TopN0ch

New Member
Sep 3, 2018
4
So you pay for it?
Yeap, it is not that expensive - works about 5$ a month
Default doesn't enforce enable.
Hmm, I ve got to double check this cause I am quite sure there is a list of apps already in there with different settings (Maybe a Defender ATP feature?)
That's very high frequency. Why so high?
Did you do it for your Ryzen too?
I bought them with that frequency mainly for my CPU but I am planning to "tune them at 3800 - 1900 fabric
I would look for another VPN in the future if I were you. Private Internet Access got acquired by Kape Technologies, a not so trustworthy company not too long ago.
I didn't know that to be honest. I am quite happy with their service so far but I will definitely look into it, thanks!
 

TopN0ch

New Member
Sep 3, 2018
4
That's unbelievably cheap. But how does it work?
Doesn't ATP need a "server"?
Apologies for the delay in getting back to you.

You will need to create an Azure tenancy which you can have for free and then contact a Microsoft license partner to get a license. The following URL has more info about it but feel free to reach out if you need any help.

 
Top