Windows Server Security Best Practices (risks/threats/vulnerabilities)
Note: you must do comprehensive research in addition to studying the reading material.
Windows Server hardening involves identifying and remediating security threats and vulnerabilities. Here are the top Windows Server hardening best practices you can implement immediately to reduce the risk of attackers compromising your critical systems and data. Your task is to identify all the hardening processes / methods / procedures / controls / best practices / techniques under each category. Research the Internet, assemble resources and literature, and fill in the following categories:
Organizational Security (Example: Maintain an inventory record for each server that clearly documents its baseline configuration and records each change to the server.)
Windows Server Preparation (Example: Set a BIOS/firmware password to prevent unauthorized changes to the server startup settings.)
Windows Server Installation (Example: Use the Security Configuration Wizard to create a system configuration based on the specific role that is needed.)
User Account Security Hardening (Example: Disable the guest account.)
Network Security Configuration (Example: Perform port blocking at the network setting level. Perform an analysis to determine which ports need to be open and restrict access to all other ports.)
Registry Security Configuration (Example: Configure registry permissions. Protect the registry from anonymous access. Disallow remote registry access if not required.)
General Security Settings (Example: Remove unneeded Windows components. Any unnecessary Windows components should be removed from critical systems to keep the servers in a secure state.)
Audit Policy Settings (Example: Enable Audit policy according to audit policy best practices.)
Software Security Guide (Example: Install and enable anti-spyware software. Configure it to update daily.)
Audit Policy Best Practices (Example: Determine which types of events you want to audit from the list below and specify the settings for each one. The settings you specify constitute your audit policy. Note that some event types are audited by default.)
Types of events you can audit (Example: Account logon. User logon auditing is the only way to detect all unauthorized attempts to log in to a domain. It is necessary to audit logon events — both successful and failed — to detect intrusion attempts. Logoff events are not tracked on the domain controllers.)
Recommended Audit Policy settings (Example: Audit Security Group Management: Success and Failure)
Best practices for auditing (Example: Before you implement any audit processes, you should determine how you will collect, store and analyze the data. There is little value in amassing large volumes of audit data if there is no underlying plan to manage and use it.)
In your answer, do not repeat the examples given above; they are provided to help you with further research. Each of the above categories must list multiple items (processes / methods / procedures / controls / best practices / techniques, etc.). Your answer must be authentic.
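
An added example, not part of the original assignment: a read-only PowerShell check for four of the sample controls named above (Guest account, Remote Registry service, Security Group Management auditing, open ports). The port allowlist is a constructed assumption, and matching the audit subcategory by name assumes an English-language member server.

```powershell
# Added example: read-only checks, run from an elevated PowerShell 5.1+ session on a member server.
# $AllowedPorts is a constructed allowlist (assumption); replace it with the ports your server role needs.
$AllowedPorts = @(135, 445, 3389, 5985)
$results = @()

# User account security: built-in Guest (RID 501) should be disabled, even if it was renamed.
$guest = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-501' }
$results += [pscustomobject]@{
    Check  = 'Guest account disabled'
    Pass   = ($null -ne $guest -and -not $guest.Enabled)
    Detail = "Name=$($guest.Name) Enabled=$($guest.Enabled)"
}

# Registry security: Remote Registry service should be disabled when remote access is not required.
$svc = Get-Service -Name RemoteRegistry -ErrorAction SilentlyContinue
$results += [pscustomobject]@{
    Check  = 'Remote Registry service disabled'
    Pass   = ($null -eq $svc -or $svc.StartType -eq 'Disabled')
    Detail = "StartType=$($svc.StartType) Status=$($svc.Status)"
}

# Audit policy: Security Group Management should log Success and Failure.
# Matching by subcategory name assumes an English-language system.
$audit = auditpol /get /subcategory:"Security Group Management" /r |
    Where-Object { $_ } | ConvertFrom-Csv
$results += [pscustomobject]@{
    Check  = 'Audit Security Group Management'
    Pass   = ($audit.'Inclusion Setting' -eq 'Success and Failure')
    Detail = "Setting=$($audit.'Inclusion Setting')"
}

# Network security: every non-loopback listening TCP port should be on the allowlist.
$unexpected = Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalAddress -notin '127.0.0.1', '::1' } |
    Select-Object -ExpandProperty LocalPort -Unique |
    Where-Object { $_ -notin $AllowedPorts } | Sort-Object
$results += [pscustomobject]@{
    Check  = 'Only allowlisted TCP ports listening'
    Pass   = (-not $unexpected)
    Detail = "Unexpected=$($unexpected -join ',')"
}

$results | Format-Table -AutoSize -Wrap
```

The script changes nothing on the server; a failed row is a prompt to compare the setting against the documented baseline for that server's role.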