hiddenillusion/Useful_recommendations.md

## Useful_recommendations.md

      
    Raw
  

              Useful_recommendations.md
            
          
    Credentials


Technology
Rec.
Notes


Multi factor authentication


LAPS

Win


Pass-the-hash
Win


Least Privilege


Link
Notes


https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/privileged-access-workstations
Win


https://blogs.msdn.microsoft.com/aaron_margosis/2015/06/30/lua-buglight-2-3-with-support-for-windows-8-1-and-windows-10/
Win


Network


Technology
Rec.
Notes


Network
Segment network
Win


Web Proxies
Block uncategorized sites by default
e.g., w/ Bluecoat


Harden


Technology
Rec.
Notes


limit workstation-to-workstation communication


limit egress points
block outbound from servers via local FW


Logs


Technology
Rec.
Notes


WEF

Win


Misc


Technology
Rec.
Notes


Email
Prevent 3rd party employees (e.g., consultants) from sending email externally via corp. email address
Link	Notes
https://docs.microsoft.com/en-us/windows-server/identity/securing-privileged-access/privileged-access-workstations	Win
https://blogs.msdn.microsoft.com/aaron_margosis/2015/06/30/lua-buglight-2-3-with-support-for-windows-8-1-and-windows-10/	Win
Technology	Rec.	Notes
Network	Segment network	Win
Web Proxies	Block uncategorized sites by default	e.g., w/ Bluecoat
Technology	Rec.	Notes
limit workstation-to-workstation communication
limit egress points	block outbound from servers via local FW