Week 7 Assignment - Develop Hardening Checklist for Windows 10 One of the most u

Question

Week 7 Assignment - Develop Hardening Checklist for Windows 10

One of the most useful tools you will use in your role as an Information Security professional is a hardening checklist. Essentially, it is a document that serves as a guide to configuring a desktop / system security. Please develop this guide for a windows 10 desktop environment.

The hardening checklist will take the form of a table or chart that lists how the Windows 10 desktop should be hardened. This will be culmination of everything you have learned, in terms of Operating Systems, Security Controls, and various strategies that can be employed. Essentially this documents will summarize everything you know about securing a system in an easy to follow checklist. You should try to provide a short and quick one sentence description on each setting or task that you are recommending in the checklist.

Explanation / Answer

Windows 10:

* It is a personal computer operating system developed and released by Microsoft as part of the Windows NT family of operating systems. It was officially unveiled in September 2014 following a brief demo at Build 2014.

The first version of the operating system entered a public beta testing process in October 2014, leading up to its consumer release on July 29, 2015.

* Microsoft described Windows 10 as an "operating system as a service" that would receive ongoing updates to its features and functionality, augmented with the ability for enterprise environments to receive non-critical updates at a slower pace, or use long-term support milestones that will only receive critical updates, such as security patches, over their five-year lifespan of mainstream support.

Terry Myerson, executive vice president of Microsoft's Windows and Devices Group, argued that the goal of this model was to reduce fragmentation across the Windows platform, as Microsoft aimed to have Windows 10 installed on at least one billion devices in the two to three years following its release.

Development:

* At the Microsoft Worldwide Partner Conference in 2011, Andrew Lees, the chief of Microsoft's mobile technologies, stated that the company intended to have a single software ecosystem for PCs, phones, tablets, and other devices. "We won’t have an ecosystem for PCs, and one for phones, and one for tablets

* The second column displays Windows 8-style app tiles. Myerson stated that these changes would occur in a future update, but did not elaborate.Microsoft also unveiled the concept of a "universal Windows app", allowing Windows Store apps created for Windows 8.1 to be ported to Windows Phone 8.1 and Xbox One while sharing a common codebase, with an interface designed for different device form factors, and allowing user data and licenses for an app to be shared between multiple platforms. Windows Phone 8.1 would share nearly 90% of the common Windows Runtime APIs with Windows 8.1 on PCs.

Features:

* Windows 10 harmonizes the user experience and functionality between different classes of device, and addresses shortcomings in the user interface that were introduced in Windows 8

* The Windows Runtime app ecosystem was revised into the Universal Windows Platform (UWP).These universal apps are made to run across multiple platforms and device classes, including smartphones, tablets, Xbox One consoles, and other compatible Windows 10 devices. Windows apps share code across platforms, have responsive designs that adapt to the needs of the device and available inputs, can synchronize data between Windows 10 devices (including notifications, credentials, and allowing cross-platform multiplayer for games), and are distributed through a unified Windows Store.

* Windows 10 is designed to adapt its user interface based on the type of device being used and available input methods. It offers two separate user interface modes: a user interface optimized for mouse and keyboard, and a "Tablet mode" designed for touchscreens. Users can toggle between these two modes at any time, and Windows can prompt or automatically switch when certain events occur, such as disabling Tablet mode on a tablet if a keyboard or mouse is plugged in, or when a 2-in-1 PC is switched to its laptop state.

* In Tablet mode, programs default to a maximized view, and the taskbar contains a back button and hides buttons for opened or pinned programs.Task View is used instead to switch between programs.

Updates and support:

* Windows 10 is serviced in a significantly different manner from previous releases of Windows. Its delivery is often described by Microsoft as a "service", due to its ongoing updates, with Terry Myerson explaining that Microsoft's aim is that "the question 'what version of Windows are you running' will cease to make sense.

* Windows Update does not allow the selective installation of updates, and all updates (including patches, feature updates, and driver software) are downloaded and installed automatically. Users can only choose whether their system will reboot automatically to install updates when the system is inactive, or be notified to schedule a reboot.

* Windows Update can also use a peer to peer system for distributing updates; by default, users' bandwidth is used to distribute previously downloaded updates to other users, in combination with Microsoft servers.

Upgraded builds:

* Upgraded builds of Windows 10 will occasionally be released, containing new features and other major improvements. The pace at which upgrades are received is dependent on which release channel is used; the default branch for all users of Windows 10 Home and Pro is "Current Branch", (CB) which receives stable builds as they are publicly released by Microsoft.

* Windows Insider branches receive unstable builds as they are released, at either a "Fast" pace (immediately after release) or "Slow" pace (slightly delayed from their "Fast" release). The Pro and Enterprise editions may optionally use the "Current Branch for Business" release channel (CBB, referred to in Windows Update settings as "Defer upgrades"), which receives the stable builds on a roughly four-month delay from their CB release.

   CBB may defer build upgrades for up to eight months, after which the new build must be installed in order to maintain support and access to security updates.

System requirements:

* The basic hardware requirements to install Windows 10 are the same as for Windows 8.1 and Windows 8, and only slightly higher than Windows 7. The 64-bit versions require a CPU that supports certain instructions.

* Devices with low storage capacity must provide a USB flash drive or SD card with sufficient storage for temporary files during upgrades.

Update system changes:

* Windows 10 Home is permanently set to download all updates automatically, including cumulative updates, security patches, and drivers, and users cannot individually select updates to install or not. Microsoft offers a diagnostic tool that can be used to hide updates and prevent them from being reinstalled, but only after they had been already installed, then uninstalled without rebooting the system.

* users would be unable to skip the automatic installation of updates that are faulty or cause issues with certain system configurations although some updates will also be subject to public beta testing through Windows Insider.There were also concerns that the forced installation of driver updates through Windows Update, where they were previously designated as "optional", could cause conflicts with drivers that were installed independently of Windows Update.

Privacy and data collection:

* Windows 10's privacy policies and its collection and use of customer data.Under the default "Express" settings, Windows 10 is configured to send various information to Microsoft and other parties, including the collection of user contacts, calendar data, and "associated input data" to personalize "speech, typing, and inking input", typing and inking data to improve recognition.

* Microsoft's privacy policy states, however, that "Basic"-level telemetry data is anonymized and cannot be used to identify an individual user or device.The use of Cortana also requires the collection of data "such as your device location, data from your calendar, the apps you use, data from your emails and text messages, who you call, your contacts and how often you interact with them on your device” to personalize its functionality.

* Microsoft Services Agreement reads that the company's online services may automatically "download software updates or configuration changes, including those that prevent you from accessing the Services, playing counterfeit games, or using unauthorized hardware peripheral devices." Critics interpreted this statement as implying that Microsoft would scan for and delete unlicensed software installed on devices running Windows 10.

License:

* During upgrades, Windows 10 licenses are not tied directly to a product key. Instead, the license status of the system's current installation of Windows is migrated, and a "Digital entitlement" is generated during the activation process, which is bound to the hardware information collected during the process. If Windows 10 is reinstalled cleanly and there have not been any significant hardware changes since installation (such as a motherboard change), the online activation process will automatically recognize the system's digital entitlement if no product key is entered during installations.

* However, unique product keys are still distributed within retail copies of Windows 10. As with previous non-volume-licensed versions of Windows, significant hardware changes will invalidate the digital entitlement, and require Windows to be re-activated.

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.