Workstation
Prerequisites
Local administrator and basic user account
PowerShell we need to be enabled on windows builds
Port 445 will need to be enabled for authentication scan
Ensure that you make the followihng registry edit in order to be able to perform the remote authenticated nussus scan:
regedit (run as admin) > HKEY_LOCAL_MACHINE > SOFTWARE > Microsoft > Windows > CurrentVersion > Policies > System. Right click > New > DWORD (32-bit) Value. LocalAccountTokenFilterPolicy > Right click > Modify > Value data: 1
Also enable/start the 'remote registry' service in services.msc
Checklist
Useful commands
Unquoted service paths
Search the running processes
Check if LAPS is installed (PowerShell)
Vulnerability and patching checks
Using Microsoft Baseline Security Analyzer (MBA)
https://docs.microsoft.com/en-us/previous-versions/cc184924(v=msdn.10)?redirectedfrom=MSDN
Benching
Compare the output
Resultant Set of Policy
Gpresult /H buldreview.html
CIS
Level 1
Run in Nessus
Download for the file tests
Last updated