Windows server 2022 安全基线加固 安全加固 仅供参考

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp]
"PortNumber"=dword:0000045a

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters]
"DisableIPSourceRouting"=dword:00000002

[HKEY_LOCAL_MACHINE\System Access]
"MaximumPasswordAge"=dword:0000005a
"MinimumPasswordLength"=dword:00000008
"PasswordComplexity"=dword:00000001
"PasswordHistorySize"=dword:00000002
"LockoutBadCount"=dword:00000001
"ResetLockoutCount"=dword:00000005
"LockoutDuration"=dword:00000005

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurePipeServers\winreg\AllowedPaths]
"Machine"=""

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters]
"NullSessionPipes"=""
"NullSessionShares"=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Restrictanonymous"=dword:00000001
"Restrictanonymoussam"=dword:00000001

[HKEY_LOCAL_MACHINE\Privilege Rights]
"SeShutdownPrivilege"="*S-1-5-32-544"
"SeRemoteShutdownPrivilege"="*S-1-5-32-544"
"SeProfileSingleProcessPrivilege"="*S-1-5-32-544"

[HKEY_LOCAL_MACHINE\Event Audit]
"AuditSystemEvents"=dword:00000003
"AuditLogonEvents"=dword:00000003
"AuditObjectAccess"=dword:00000003
"AuditProcessTracking"=dword:00000003
"AuditDSAccess"=dword:00000003
"AuditPrivilegeUse"=dword:00000003
"AuditAccountLogon"=dword:00000003
"AuditAccountManage"=dword:00000003

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\System]
"Retention"=dword:00000000
"MaxSize"=dword:00800000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application]
"Retention"=dword:00000000
"MaxSize"=dword:00800000

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Security]
"Retention"=dword:00000000
"MaxSize"=dword:00800000

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Tcpip\Parameters]
"SynAttackProtect"=dword:00000001
"TcpMaxPortsExhausted"=dword:00000005
"TcpMaxConnectResponseRetransmissions"=dword:00000002
"TcpMaxHalfOpen"=dword:000001f4
"TcpMaxHalfOpenRetried"=dword:00000190
"EnableICMPRedirect"=dword:00000000
"EnableDeadGWDetect"=dword:00000000
"TcpMaxDataRetransmissions"=dword:00000002
"PerformRouterDiscovery"=dword:00000000
"KeepAliveTime"=dword:000493e0
"EnablePMTUDiscovery"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
"Dontdisplaylastusername"=dword:00000001
"DontDisplayLockedUserId"=dword:00000003
"Disablecad"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"PasswordExpiryWarning"=dword:0000000e
"AutoAdminLogon"=dword:00000000
"CachedLogonsCount"=dword:00000005

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\LanmanServer\Parameters]
"AutoShareServer"=dword:00000000
"AutoShareWks"=dword:00000000

[HKEY_CURRENT_USER\Control Panel\Desktop]
"ScreenSaveActive"="1"
"ScreenSaveTimeOut"="300"
"ScreenSaverIsSecure"="1"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\W32Time\TimeProviders\NtpServer]
"Enabled"=dword:00000000

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers]
"DisableAutoplay"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\LanmanServer\Parameters]
"Autodisconnect"=dword:0000000f
"Enableforcedlogoff"=dword:00000001

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Control Panel\International]
"RestrictLanguagePacksAndFeaturesInstall"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\Printers]
"PointAndPrint!RestrictDriverInstallationToAdministrators"=dword:00000001
"EnableDeviceControl"=dword:00000001
"ApprovedUsbPrintDevices"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DNSClient]
"DoHPolicy"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Explorer]
"ShowOrHideMostUsedApps"=dword:00000000

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\PushNotifications]
"WnsEndpoint"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Policies]
"NtfsForceNonPagedPoolAllocation"=dword:00000001
"NtfsDefaultTier"=dword:00000001
"NtfsParallelFlushThreshold"=dword:00000001
"NtfsParallelFlushWorkers"=dword:00000001

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Policies\Microsoft\Windows NT\Printers]
"EnableDeviceControl"=dword:00000001
"ApprovedUsbPrintDevices"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\Kerberos\Parameters]
"CloudKerberosTicketRetrievalEnabled"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Netlogon\Parameters]
"DnsSrvRecordUseLowerCaseHostNames"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\SAM]
"SamNGCKeyROCAValidation"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\StorageSense]
"AllowStorageSenseGlobal"=dword:00000001
"AllowStorageSenseTemporaryFilesCleanup"=dword:00000001
"ConfigStorageSenseGlobalCadence"=dword:00000001
"ConfigStorageSenseCloudContentDehydrationThreshold"=dword:00000001
"ConfigStorageSenseRecycleBinCleanupThreshold"=dword:00000001
"ConfigStorageSenseDownloadsCleanupThreshold"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Appx]
"AllowAutomaticAppArchiving"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\AppPrivacy]
"LetAppsAccessBackgroundSpatialPerception"=dword:00000001
"LetAppsAccessBackgroundSpatialPerception_UserInControlOfTheseApps"=dword:00000001
"LetAppsAccessBackgroundSpatialPerception_ForceAllowTheseApps"=""
"LetAppsAccessBackgroundSpatialPerception_ForceDenyTheseApps"=""
"LetAppsActivateWithVoice"=dword:00000001
"LetAppsActivateWithVoiceAboveLock"=dword:00000001
"LetAppsAccessGraphicsCaptureProgrammatic"=dword:00000001
"LetAppsAccessGraphicsCaptureProgrammatic_UserInControlOfTheseApps"=dword:00000001
"LetAppsAccessGraphicsCaptureProgrammatic_ForceAllowTheseApps"=""
"LetAppsAccessGraphicsCaptureProgrammatic_ForceDenyTheseApps"=""
"LetAppsAccessGraphicsCaptureWithoutBorder"=dword:00000001
"LetAppsAccessGraphicsCaptureWithoutBorder_UserInControlOfTheseApps"=dword:00000001
"LetAppsAccessGraphicsCaptureWithoutBorder_ForceAllowTheseApps"=""
"LetAppsAccessGraphicsCaptureWithoutBorder_ForceDenyTheseApps"=""

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\DataCollection]
"DisableOneSettingsDownloads"=dword:00000001
"EnableOneSettingsAuditing"=dword:00000001
"LimitDiagnosticLogCollection"=dword:00000001
"LimitDumpCollection"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode]
"AllowSaveTargetAsInIEMode"=dword:00000001
"EnableExtendedIEModeHotkeys"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender]
"SupportLogLocation"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Exclusions]
"Exclusions_IpAddresses"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Windows Defender Exploit Guard\Network Protection]
"AllowNetworkProtectionOnWinServer"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\NIS]
"DisableDatagramProcessing"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Real-Time Protection]
"DisableScriptScanning"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows Defender\Signature Updates]
"MeteredConnectionUpdates"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PassportForWork]
"UseCloudTrustForOnPremAuth"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Sandbox]
"AllowAudioInput"=dword:00000001
"AllowClipboardRedirection"=dword:00000001
"AllowNetworking"=dword:00000001
"AllowPrinterRedirection"=dword:00000001
"AllowVGPU"=dword:00000001
"AllowVideoInput"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]
"AutoSubscription"=dword:00000001

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows NT\Printers]
"EnableDeviceControl"=dword:00000001
"ApprovedUsbPrintDevices"=dword:00000001

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Control Panel\International]
"RestrictLanguagePacksAndFeaturesInstall"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"HideSCAMeetNow"=dword:00000001

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Explorer]
"ShowOrHideMostUsedApps"=dword:00000000

[HKEY_CURRENT_USER\Software\Policies\Microsoft\InputMethod\Settings\KOR]
"ConfigureImeVersion"=dword:00000001

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Main\EnterpriseMode]
"AllowSaveTargetAsInIEMode"=dword:00000001
"EnableExtendedIEModeHotkeys"=dword:00000001

[HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\PassportForWork]
"UseCloudTrustForOnPremAuth"=dword:00000001