2.5 Managing and Configuring Basic Security Settings in Microsoft Windows OS
COMPTIA A+ CORE 2 - DOMAIN 2
Cyber Wizard
This article provides an in-depth guide on configuring and managing security settings in Microsoft Windows, including antivirus, firewall, user management, login options, and encryption, as required for the CompTIA A+ exam.
CompTIA A+ Exam Domain: Domain 2.5 - Given a scenario, manage and configure basic security settings in the Microsoft Windows OS.
Defender Antivirus
Windows Defender Antivirus is the built-in security tool in Windows OS that provides real-time protection against malware, viruses, and other threats.
Activating/Deactivating Windows Defender
Enable Defender Antivirus:
Open Windows Security → Virus & threat protection.
Click Manage settings under Virus & threat protection settings.
Toggle Real-time protection ON.
Disable Defender Antivirus: (Not recommended unless using third-party antivirus)
Use Local Group Policy Editor (gpedit.msc) → Navigate to Computer Configuration → Administrative Templates → Windows Components → Microsoft Defender Antivirus → Set Turn off Microsoft Defender Antivirus to Enabled.
Updating Definitions
Open Windows Security → Virus & threat protection → Check for updates.
Use PowerShell: Update-MpSignature.
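The following is an added example, not part of the original article: a PowerShell check that reports the Defender settings described above and refreshes definitions when they are stale. The three-day threshold is an assumption; run it from an elevated session.

```powershell
# Added example (not from the article): report Defender health, refresh stale definitions.
$maxSignatureAgeDays = 3   # assumed threshold; choose one that fits your policy

$status = Get-MpComputerStatus

# Summarise the settings that Windows Security exposes under Virus & threat protection.
[pscustomobject]@{
    AntivirusEnabled     = $status.AntivirusEnabled
    RealTimeProtection   = $status.RealTimeProtectionEnabled
    SignatureVersion     = $status.AntivirusSignatureVersion
    SignatureLastUpdated = $status.AntivirusSignatureLastUpdated
    SignatureAgeDays     = $status.AntivirusSignatureAge
} | Format-List

# The "Turn off Microsoft Defender Antivirus" policy is stored as DisableAntiSpyware.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
$policy = Get-ItemProperty -Path $policyKey -Name DisableAntiSpyware -ErrorAction SilentlyContinue
if ($policy -and $policy.DisableAntiSpyware -eq 1) {
    Write-Warning 'Group Policy is set to turn off Microsoft Defender Antivirus.'
}

if (-not $status.RealTimeProtectionEnabled) {
    Write-Warning 'Real-time protection is OFF.'
}

# Update only when the definitions are older than the threshold, then confirm the result.
if ($status.AntivirusSignatureAge -gt $maxSignatureAgeDays) {
    Write-Host "Definitions are $($status.AntivirusSignatureAge) days old; updating..."
    Update-MpSignature
    $after = Get-MpComputerStatus
    Write-Host "Definitions now at version $($after.AntivirusSignatureVersion)."
}
```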
Firewall Configuration
Windows Defender Firewall provides protection by filtering network traffic and blocking unauthorized access.
Activating/Deactivating Firewall
Open Control Panel → Windows Defender Firewall → Click Turn Windows Defender Firewall on or off.
Use Command Prompt: netsh advfirewall set allprofiles state on (to enable) or off (to disable).
Port Security
Configure through Windows Defender Firewall with Advanced Security.
Open Inbound Rules → New Rule → Port.
Specify TCP or UDP and define the port number.
Application Security
Navigate to Windows Defender Firewall → Allow an app through firewall.
Add applications to allow or block network access.
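The firewall steps above can also be scripted. This is an added example, not from the original article; the rule names, port 8443 and the program path are hypothetical, and the session must be elevated.

```powershell
# Added example (not from the article): check profiles, then add a port rule and an app rule.

# 1. Show each profile's state and turn on any profile that is off.
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction | Format-Table

$disabled = Get-NetFirewallProfile | Where-Object { $_.Enabled -ne 'True' }
foreach ($fwProfile in $disabled) {
    Write-Warning "Firewall profile '$($fwProfile.Name)' is disabled; enabling it."
    Set-NetFirewallProfile -Name $fwProfile.Name -Enabled True
}

# 2. Port rule: allow inbound TCP 8443, but only on Domain and Private networks.
$portRule = 'Example - Allow TCP 8443 inbound'           # hypothetical rule name and port
if (-not (Get-NetFirewallRule -DisplayName $portRule -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $portRule -Direction Inbound -Protocol TCP `
        -LocalPort 8443 -Action Allow -Profile Domain, Private | Out-Null
}

# 3. Application rule: block outbound traffic for a single program.
$appRule = 'Example - Block ExampleApp outbound'          # hypothetical rule name
$appPath = 'C:\Program Files\ExampleApp\example.exe'      # hypothetical path
if (-not (Get-NetFirewallRule -DisplayName $appRule -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $appRule -Direction Outbound `
        -Program $appPath -Action Block | Out-Null
}

# 4. Verify what was created: one row per rule with its port and program filters.
Get-NetFirewallRule -DisplayName 'Example - *' | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $app  = $_ | Get-NetFirewallApplicationFilter
    [pscustomobject]@{
        Rule      = $_.DisplayName
        Direction = $_.Direction
        Action    = $_.Action
        Protocol  = $port.Protocol
        LocalPort = $port.LocalPort
        Program   = $app.Program
    }
} | Format-Table -AutoSize
```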
Users and Groups
Windows user management allows administrators to assign permissions and manage access control.
Types of User Accounts
Local Account: A standalone user profile stored on the PC.
Microsoft Account: Syncs settings, OneDrive, and apps across devices.
Standard Account: Limited privileges, prevents system-wide changes.
Administrator Account: Full control over system settings and security configurations.
Guest User: Temporary access with restricted permissions.
Power User: A legacy role with some administrative privileges.
Managing Users and Groups
Open Computer Management (compmgmt.msc) → Local Users and Groups.
Use PowerShell: Get-LocalUser to view accounts, New-LocalUser -Name "UserName" -Password (ConvertTo-SecureString "Password" -AsPlainText -Force) -FullName "Full Name" -Description "Description" to create a user.
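As an added example (not from the original article), the account creation above can be done without typing the password into the command line, followed by a review of who holds administrator rights. The user name and full name are hypothetical; run it elevated.

```powershell
# Added example (not from the article): create a standard user and review local accounts.
$userName = 'jdoe'          # hypothetical account name

# Prompt for the password so it never appears in the script or the command history.
$password = Read-Host -Prompt "Password for $userName" -AsSecureString

if (-not (Get-LocalUser -Name $userName -ErrorAction SilentlyContinue)) {
    New-LocalUser -Name $userName -Password $password `
        -FullName 'Jane Doe' -Description 'Standard user (example)' | Out-Null
}

# New-LocalUser does not add the account to any group.
# Membership in Users (and not Administrators) makes it a Standard account.
Add-LocalGroupMember -Group 'Users' -Member $userName -ErrorAction SilentlyContinue

# Review all local accounts and their state.
Get-LocalUser |
    Select-Object Name, Enabled, PasswordRequired, LastLogon |
    Format-Table -AutoSize

# Review who has full control of the machine.
Get-LocalGroupMember -Group 'Administrators' |
    Select-Object Name, ObjectClass, PrincipalSource |
    Format-Table -AutoSize

# The built-in Guest account always has a SID ending in -501; it should stay disabled.
$guest = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-*-501' }
if ($guest -and $guest.Enabled) {
    Write-Warning "Built-in Guest account '$($guest.Name)' is enabled."
}
```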
Login OS Options
Authentication Methods
Username and Password: Standard login method.
Personal Identification Number (PIN):
Configurable via Settings → Accounts → Sign-in options.
Fingerprint Recognition:
Requires compatible biometric hardware.
Set up via Windows Hello.
Facial Recognition:
Uses an IR-enabled camera and Windows Hello.
Single Sign-On (SSO):
Allows authentication across multiple services with one login.
Common in enterprise environments using Active Directory.
NTFS vs. Share Permissions
Windows uses two types of file system permissions: NTFS permissions and Share permissions.
NTFS Permissions (Applied to files and folders)
Full Control: Modify permissions, delete files, and take ownership.
Modify: Edit and delete files.
Read & Execute: Open files and execute programs.
Write: Add files and folders.
Read: View contents but make no changes.
Share Permissions (Applied over the network)
Full Control: Modify and delete shared files.
Change: Edit and delete files but cannot modify permissions.
Read: View shared files but cannot make changes.
File and Folder Attributes
Hidden: Hides a file from standard view.
Read-only: Prevents modifications to a file.
System: Identifies critical system files.
Inheritance
Inheritance: Subfolders and files inherit permissions from the parent folder.
Disable via Properties → Security → Advanced → Disable inheritance.
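To compare the two permission layers and the inheritance state for one shared folder, the following added example (not from the original article) lists both side by side. The share name Projects is hypothetical; run it elevated on the computer that hosts the share.

```powershell
# Added example (not from the article): share permissions vs. NTFS permissions for one share.
$shareName = 'Projects'     # hypothetical share name

$share = Get-SmbShare -Name $shareName -ErrorAction Stop
Write-Host "Share '$shareName' maps to folder $($share.Path)"

# Share permissions: apply only to access over the network.
$shareAccess = Get-SmbShareAccess -Name $shareName
$shareAccess | Select-Object AccountName, AccessControlType, AccessRight | Format-Table -AutoSize

# NTFS permissions: apply to local and network access alike.
# Over the network both lists are evaluated and the more restrictive result wins.
$acl = Get-Acl -Path $share.Path
$acl.Access |
    Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited |
    Format-Table -AutoSize

# AreAccessRulesProtected is True when inheritance has been disabled on the folder.
if ($acl.AreAccessRulesProtected) {
    Write-Host 'Inheritance is DISABLED: this folder does not take permissions from its parent.'
} else {
    Write-Host 'Inheritance is enabled: entries marked IsInherited come from the parent folder.'
}

# Flag broad groups that can change data at either layer.
$broad = 'Everyone', 'BUILTIN\Users', 'NT AUTHORITY\Authenticated Users'

$shareAccess | Where-Object {
    $_.AccountName -in $broad -and
    "$($_.AccessControlType)" -eq 'Allow' -and
    "$($_.AccessRight)" -in 'Full', 'Change'
} | ForEach-Object {
    Write-Warning "Share: $($_.AccountName) has $($_.AccessRight)."
}

$acl.Access | Where-Object {
    $_.IdentityReference.Value -in $broad -and
    "$($_.AccessControlType)" -eq 'Allow' -and
    "$($_.FileSystemRights)" -match 'FullControl|Modify'
} | ForEach-Object {
    Write-Warning "NTFS: $($_.IdentityReference) has $($_.FileSystemRights)."
}
```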
Run as Administrator vs. Standard User
User Account Control (UAC)
Prompts users when administrative privileges are required.
Prevents unauthorized system modifications.
Configure UAC via Control Panel → User Accounts → Change User Account Control settings.
Run as Administrator
Needed to execute privileged tasks.
Right-click an application and select Run as administrator.
Use Command Prompt: runas /user:Administrator "cmd.exe".
BitLocker and Encryption
BitLocker
Full-disk encryption for Windows OS and storage drives.
Requires TPM (Trusted Platform Module) or a USB key.
Enable via Control Panel → BitLocker Drive Encryption.
PowerShell: Enable-BitLocker -MountPoint "C:" -EncryptionMethod AES256 -UsedSpaceOnly -TpmProtector (the cmdlet requires a key protector parameter; -TpmProtector uses the TPM).
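After enabling BitLocker, its state can be verified from PowerShell. This is an added example, not from the original article; it only reads status and changes nothing. Run it elevated.

```powershell
# Added example (not from the article): verify TPM readiness and BitLocker protection.

# BitLocker normally relies on the TPM, so confirm it is present and ready.
$tpm = Get-Tpm
Write-Host "TPM present: $($tpm.TpmPresent)   TPM ready: $($tpm.TpmReady)"

# One row per volume: is it encrypted, and is protection actually switched on?
$volumes = Get-BitLockerVolume
$volumes |
    Select-Object MountPoint, VolumeType, VolumeStatus, ProtectionStatus,
                  EncryptionMethod, EncryptionPercentage |
    Format-Table -AutoSize

foreach ($vol in $volumes) {
    # Collect the protector types (Tpm, RecoveryPassword, ExternalKey, ...) as strings.
    $types = @($vol.KeyProtector | ForEach-Object { [string]$_.KeyProtectorType })

    if ("$($vol.ProtectionStatus)" -ne 'On') {
        # Covers unencrypted volumes and volumes where protection is suspended.
        Write-Warning "$($vol.MountPoint) protection is $($vol.ProtectionStatus) (status: $($vol.VolumeStatus))."
    }
    elseif ($types -notcontains 'RecoveryPassword') {
        # Without a recovery password, a TPM or hardware change can lock the data out.
        Write-Warning "$($vol.MountPoint) is protected but has no recovery password protector."
    }
    else {
        Write-Host "$($vol.MountPoint) OK: $($vol.EncryptionMethod), protectors: $($types -join ', ')"
    }
}
```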
BitLocker To Go
Encrypts removable USB drives for secure transport.
Enabled through Control Panel → BitLocker Drive Encryption.
Encrypting File System (EFS)
Encrypts individual files and folders within NTFS.
Right-click file → Properties → Advanced → Encrypt contents to secure data.
Requires administrator access to manage encrypted files.
Final Thoughts
Managing security settings in Windows is crucial for protecting systems from unauthorized access and threats. The CompTIA A+ exam tests proficiency in using Windows security tools, configuring accounts, enabling encryption, and managing firewall and antivirus settings to secure an enterprise environment.