CyberPatriot scripts/checklists created by a CyberPatriot student (me) for my team's personal use on Windows-based VMs. Not authorized for use by other teams.
- Read the README
- Do all forensics questions
- Do any tasks outlined in the README (ex. creating groups)
- Manage users in accordance with the README using "Computer Management"
  - Remove users that do not belong
  - Change standard users who should be Administrators (and vice versa)
  - Change insecure passwords
  - Enable password expiration
  - Force users to change passwords on next login
- Manage groups in accordance with the README using "Computer Management"
- Remove file shares using "Computer Management". However, the default shares (containing "$" in the name) should be kept.
- Local Security Policy
  - Max password age: 60
  - Min password age: 10
  - Min password length: 8
  - Password complexity: Enabled
  - Reversible encryption: Disabled
  - Password lockout attempts: 5
  - Audits: all on SUCCESS and FAILURE
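- PowerShell

  ```powershell
  # Let PowerShell run unsigned scripts
  Set-ExecutionPolicy Unrestricted
  # AUOptions 4 = automatically download updates and schedule the install
  Set-ItemProperty -Path HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU -Name AUOptions -Value 4
  ```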
- 7 - security_templates/CyberPatriot.inf - not a script, but can be easily imported and configured to quickly set password policy, account lockout policy, audit policy, and security options
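
To confirm that the Local Security Policy values from the checklist actually took effect (whether set by hand or by importing the template), the exported policy can be parsed and compared against them. This is an added example, not one of the repository's scripts; the sample export is constructed, and the key names are the ones `secedit /export` writes in its `[System Access]` and `[Event Audit]` sections.

```powershell
# Added example: compare a secedit policy export against the checklist values.
# On a live VM, replace the constructed sample below with a real export:
#   secedit /export /cfg "$env:TEMP\policy.inf" /areas SECURITYPOLICY
#   $inf = Get-Content "$env:TEMP\policy.inf"
$inf = @'
[System Access]
MinimumPasswordAge = 0
MaximumPasswordAge = 42
MinimumPasswordLength = 8
PasswordComplexity = 1
LockoutBadCount = 0
ClearTextPassword = 0
[Event Audit]
AuditLogonEvents = 1
AuditAccountManage = 3
'@ -split '\r?\n'

# Expected values, taken from the Local Security Policy checklist items.
$expected = [ordered]@{
    MaximumPasswordAge    = 60
    MinimumPasswordAge    = 10
    MinimumPasswordLength = 8
    PasswordComplexity    = 1   # 1 = Enabled
    ClearTextPassword     = 0   # 0 = reversible encryption disabled
    LockoutBadCount       = 5
}

# Parse "Key = Value" lines into a lookup table; section headers do not match.
$actual = @{}
foreach ($line in $inf) {
    if ($line -match '^\s*(\w+)\s*=\s*(.+?)\s*$') { $actual[$Matches[1]] = $Matches[2] }
}

# One report row per checklist setting; a missing key shows up as OK = False.
$report = @(foreach ($key in $expected.Keys) {
    [pscustomobject]@{ Setting = $key; Expected = $expected[$key]; Actual = $actual[$key]; OK = ($actual[$key] -eq [string]$expected[$key]) }
})
# Every Audit* category present should be 3 (Success and Failure).
$report += @(foreach ($key in ($actual.Keys | Where-Object { $_ -like 'Audit*' } | Sort-Object)) {
    [pscustomobject]@{ Setting = $key; Expected = 3; Actual = $actual[$key]; OK = ($actual[$key] -eq '3') }
})
$report | Format-Table -AutoSize
```

With the constructed sample, the rows for `MaximumPasswordAge`, `MinimumPasswordAge`, `LockoutBadCount` and `AuditLogonEvents` come back with `OK = False`, which are the settings still left to fix.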
----- To be continued ---->