Answers to the Basic Frequently Asked Questions
This document has answers to the most basic frequently asked questions about this repository.
1 - Very Easy
- Press Start button.
- Type `PowerShell`, find it and open it.
- Copy & Paste the following line in the PowerShell command line that is opened and press enter.
- Wait for the App to start.

```powershell
(irm 'https://raw.githubusercontent.com/HotCakeX/Harden-Windows-Security/main/Harden-Windows-Security.ps1')+'P'|iex
```
Then let this be your initiation. You don't need to know anything about PowerShell to use the Harden Windows Security application/module.
No, you can use it any time.
Absolutely not.
Every security feature needed is already available in Windows. After installing the Harden Windows Security Module, run PowerShell as Admin and use the command `Protect-WindowsSecurity` to activate them.
Here is a more technical explanation
Uninstall it by going to Windows Settings -> Apps -> Installed Apps -> Search for your Antivirus software's name and Uninstall it.
- Check and install any updates from Windows Update
- Check and install any updates in Microsoft Store
- Install and run the Harden Windows Security Module
Use the default predefined preset in the Harden Windows Security GUI; it is tuned for optimal and balanced security. Presets allow for easy and quick selection of categories and sub-categories.
Only 1 time.
Yes, it's a very capable automated AI-driven security feature.
No, because modern hardware is built for Windows security features such as Virtualization Based Security, BitLocker, etc. It expects these advanced security features to be turned on and running on a secure system.
Only very old and unsupported hardware might experience degraded performance when using modern security features.
Use the Unprotect tab in the Harden Windows Security GUI (Graphical User Interface) to undo all the protections.
No. The requirements are very basic and minimal; they are even lower than the Windows 11 minimum hardware requirements.
Modern devices receive firmware updates as capsules through Windows Update, similar to other system updates. Before restarting your system to apply the firmware update, ensure the following steps are completed to avoid potential issues:
It's crucial to back up your BitLocker recovery keys before updating the firmware. Use the Harden Windows Security Module to simplify this process. The 48-character recovery key for your OS drive will be required to boot your system after the firmware update is applied.
Once the firmware update is installed, you will need an active Internet connection to reset your Windows Hello credentials. This process involves signing into your Microsoft account and authorizing the login using the Microsoft Authenticator app.
The Harden Windows Security Module's Lock Screen category does not allow unauthorized people to change network settings on the lock screen before logging in. Ensure your current Wi-Fi network is saved on the device and accessible post-update.
If you use VPN software with a kill switch or settings that require user interaction to connect at startup, disable these features before initiating the update.
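
A pre-update check for the preparation steps above, added here as an example; it uses the built-in BitLocker cmdlets and is not code from the Harden Windows Security Module. `$BackupDir` is a hypothetical parameter and should point to a folder on removable storage.

```powershell
#Requires -RunAsAdministrator
# Added example: run before restarting to apply a firmware update.
param(
    # Hypothetical parameter: an existing folder on a drive other than the OS drive
    [Parameter(Mandatory)][string]$BackupDir
)

$osDrive = $env:SystemDrive
$volume  = Get-BitLockerVolume -MountPoint $osDrive

# A backup stored on the encrypted OS volume is useless when that volume is locked.
$backupRoot = [System.IO.Path]::GetPathRoot((Resolve-Path -LiteralPath $BackupDir).Path)
if ($backupRoot.TrimEnd('\') -eq $osDrive) {
    throw "Backup folder is on the OS drive ($osDrive); choose another drive."
}

# Only RecoveryPassword protectors carry the numeric key typed at the recovery screen.
$recovery = @($volume.KeyProtector | Where-Object KeyProtectorType -EQ 'RecoveryPassword')
if ($recovery.Count -eq 0) {
    throw "No recovery password protector found on $osDrive. Add one before updating firmware."
}

# Write each protector ID with its recovery password so the right key can be
# matched to the ID shown on the BitLocker recovery screen.
$file = Join-Path $BackupDir "BitLocker-Recovery-$env:COMPUTERNAME.txt"
$recovery | ForEach-Object {
    "Drive: $osDrive  ProtectorId: $($_.KeyProtectorId)  RecoveryPassword: $($_.RecoveryPassword)"
} | Set-Content -LiteralPath $file -Encoding UTF8

Write-Host "Protection status on ${osDrive}: $($volume.ProtectionStatus)"
Write-Host "Saved $($recovery.Count) recovery password(s) to $file"

# List the saved Wi-Fi profiles so you can confirm the current network is among them.
netsh wlan show profiles
```

Keep the resulting file offline and away from the device, since it contains the recovery password in plain text.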
If you're unable to connect to the Internet due to missed preparations, you have several recovery options. These require accessing the Windows Recovery Environment (WinRE) and launching a command prompt (CMD):
Launch a program like Notepad or Task Manager, then navigate to File -> Open to access a file browser. This allows you to copy important files from the OS drive to another location, so if you ever decide to perform a clean OS installation, you won't lose any files.
Launch `regedit.exe` to enable the built-in Administrator account in WinRE. After restarting your device, log in as the Administrator to resolve issues (e.g., enabling clean boot or uninstalling VPN software).
Once the recovery steps are complete, use `lusrmgr.msc` to disable the built-in Administrator account for security reasons.
Tip
To enable the built-in Administrator account with a blank password from WinRE:
- Locate the OS drive by using the `CD ..` command to move to the root directory, and `Dir` to list drive contents.
- Switch drives using their letter (e.g., `D:`, `F:`). Identify the OS drive and note its letter.
- Open the Command Prompt and type `regedit`.
- In the Registry Editor, select `HKEY_LOCAL_MACHINE`, then navigate to File -> Load Hive.
- Load the hive from the path: `OS Drive Letter:\Windows\System32\Config\SAM`.
- Provide a name for the hive, e.g., `Hive`.
- Navigate to `HKEY_LOCAL_MACHINE\Hive\SAM\Domains\Account\Users\000001F4` and locate the binary value `F`.
- Modify the 8th-row, 1st-column value from `11` to `10` to enable the Administrator account.
- Save changes.
- Unload the hive by selecting `Hive` under `HKEY_LOCAL_MACHINE` and choosing File -> Unload Hive.
- Restart your device.
- The built-in Administrator account will appear on the login screen.
Ask away by opening a new Discussion