Answers to the Basic Frequently Asked Questions
This document has answers to the most basic frequently asked questions about this repository.
1 - Very Easy
Then let this be your initiation.
No, you can use it any time.
Absolutely not.
Every security feature needed is already available in Windows. After Installing the Harden Windows Security Module, run PowerShell as Admin and use the command Protect-WindowsSecurity to activate them.
Here is a more technical explanation
Uninstall it by going to Windows Settings -> Apps -> Installed Apps -> Search for your Antivirus software's name and Uninstall it.
- Check and install any updates from Windows Update
- Check and install any updates in Microsoft Store
- Install and run the Harden Windows Security Module
In the Categories section on Readme, you will find all the categories available in the Harden Windows Security module with thorough explanation and links for each of them.
For example:
-
BitLocker category is useful for providing physical security for your computer and data.
-
Optional Windows Features category is useful for disabling unnecessary optional and rarely used features, also for enabling useful optional features in Windows.
-
Country IP Blocking category is not necessary to run, unless you really want to block connections to and from those listed countries.
-
Certificate Checking Commands category is useful for quickly gaining additional insights about the available certificates on your computer.
All other categories are very much recommended to run.
Only 1 time.
Yes, it's a very capable automated AI-driven security feature.
No. Because Modern hardware are built for Windows security features such as Virtualization Based Security, BitLocker etc. They expect these advanced security features to be turned on and running on a secure system.
Only very old and unsupported hardware might experience degraded performance when using modern security features.
You can revert the changes by running the command Unprotect-WindowsSecurity in PowerShell.
No. The requirements are very basic and minimum, they are even less than what's required by Windows 11 minimum hardware.
Ask away by opening a new Discussion
-
New-WDACConfig
-
New-SupplementalWDACConfig
-
Remove-WDACConfig
-
Edit-WDACConfig
-
Edit-SignedWDACConfig
-
Deploy-SignedWDACConfig
-
Confirm-WDACConfig
-
New-DenyWDACConfig
-
Set-CommonWDACConfig
-
New-KernelModeWDACConfig
-
Get-CommonWDACConfig
-
Invoke-WDACSimulation
-
Remove-CommonWDACConfig
-
Assert-WDACConfigIntegrity
-
Build-WDACCertificate
-
Test-CiPolicy
-
Get-CiFileHashes
-
ConvertTo-WDACPolicy
-
Set-CiRuleOptions
-
Get-CIPolicySetting
-
Introduction
-
WDAC for Lightly Managed Devices
-
WDAC for Fully managed device - Variant 1
-
WDAC for Fully managed device - Variant 2
-
WDAC for Fully managed device - Variant 3
-
WDAC for Fully managed device - Variant 4
-
WDAC Notes
-
How to Create and Deploy a Signed WDAC Policy
-
Fast and Automatic Microsoft Recommended Driver Block Rules updates
-
WDAC policy for BYOVD Kernel mode only protection
-
EKUs in WDAC, App Control for Business, Policies
-
WDAC Rule Levels Comparison and Guide
-
Script Enforcement and PowerShell Constrained Language
-
How to Use Microsoft Defender for Endpoint Advanced Hunting With WDAC App Control
-
Application Control (WDAC) Frequently Asked Questions (FAQs)
-
Create Bootable USB flash drive with no 3rd party tools
-
Event Viewer
-
Group Policy
-
How to compact your OS and free up extra space
-
Hyper V
-
Overrides for Microsoft Security Baseline
-
Git GitHub Desktop and Mandatory ASLR
-
Signed and Verified commits with GitHub desktop
-
About TLS, DNS, Encryption and OPSEC concepts
-
Things to do when clean installing Windows
-
Comparison of security benchmarks
-
BitLocker, TPM and Pluton | What Are They and How Do They Work
-
How to Detect Changes in User and Local Machine Certificate Stores in Real Time Using PowerShell
-
Cloning Personal and Enterprise Repositories Using GitHub Desktop
-
Device Guard and Virtualization Based Security in Windows
-
Only a Small Portion of The Windows OS Security Apparatus
-
Clean Source principle, Azure and Privileged Access Workstations
-
How to Securely Connect to Azure VMs and Use RDP
-
Basic PowerShell tricks and notes
-
Basic PowerShell tricks and notes Part 2
-
Basic PowerShell tricks and notes Part 3
-
Basic PowerShell tricks and notes Part 4
-
Basic PowerShell tricks and notes Part 5
-
How To Access All Stream Outputs From Thread Jobs In PowerShell In Real Time
-
PowerShell Best Practices To Follow When Coding
-
How To Asynchronously Access All Stream Outputs From Background Jobs In PowerShell
-
Powershell Dynamic Parameters and How to Add Them to the Get‐Help Syntax
-
RunSpaces In PowerShell
