For those concerned with security, Microsoft has had the SCT for some time. This tool lets you take trusted secure baseline configurations from https://packt.link/OxKKv, Microsoft, and others and make them into Group Policies that you can import into your environment. Generally speaking, using this tool to securely configure your environment is preferred rather than going off into the woods on your own. The reasons for this are set out here:
- The guidelines are created by expert security entities and professionals.
- When you have trouble and have to get support, is it better to say We followed the SCT template for secure desktops or We did a bunch of tweaks to the registry and security settings and now it doesn’t work? The list of baselines is pretty comprehensive (Windows 11 is in the works at the time of writing and is available at https://packt.link/Mb2GF).
For more information about SCM and its implications on security profiles, consult Chapter...