Αυστηροποίηση πολιτικών ασφάλειας λειτουργικού συστήματος σε Microsoft Windows 11

Hardening Microsoft Windows 11 security policies

Thumbnail
Bachelor Dissertation
Author
Λουκά, Τάσος
Date
2025-06
Advisor
Πατσάκης, Κωνσταντίνος
View/Open
Keywords
CIS benchmark ; CIS-CAT Lite ; Hardening ; PowerShell ; Firewall 
Abstract
This project focuses on enhancing the security of Windows 11 systems by making them more resilient to threats, following the guidelines provided by the Center for Internet Security (CIS) through the CIS Benchmark v3.0.0 for standalone systems (https://www.cisecurity.org/benchmark/microsoft_windows_11). The idea is to apply targeted changes to key operating system settings in order to reduce potential vulnerabilities. To achieve this, PowerShell scripts were developed to automate the security hardening process, intervening in areas such as the Windows Registry, security policies, user permissions, and the Windows Firewall. The development was based on the official Microsoft PowerShell documentation (https://learn.microsoft.com/en-us/powershell/). To evaluate the system's security status before and after the interventions, the CIS-CAT Lite tool was used. This tool allows the measurement of compliance scores based on CIS standards (https://www.cisecurity.org/cis-cat-lite). The project includes: · Analysis of the key CIS Benchmark recommendations and how they enhance the security of a Windows 11 system. · Implementation of settings via PowerShell scripts that modify password policies, Registry configurations, user rights, and Firewall operations. · Comparison of the system’s security posture before and after applying the scripts, using logs and assessment tools. · Conclusions and suggestions for further improvements based on the needs of corporate and personal environments. Additionally, attention was given to known historical attack examples, such as the WannaCry ransomware, which exploited a vulnerability in the SMBv1 protocol (https://msrc.microsoft.com/update-guide/vulnerability/CVE-2017-0144), to ensure that the system is not exposed to similar risks. Upon completion, a fully automated security hardening framework was created, which can be easily applied to other Windows 11 machines, offering a higher level of protection and compliance with international standards.
Department
Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα Πληροφορικής
Number of pages
89
Language
Greek
URI
https://dione.lib.unipi.gr/xmlui/handle/unipi/18075
Collections
Show full item record
Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα
Except where otherwise noted, this item's license is described as
Αναφορά Δημιουργού-Μη Εμπορική Χρήση-Όχι Παράγωγα Έργα 3.0 Ελλάδα
Βιβλιοθήκη Πανεπιστημίου Πειραιώς
Contact Us
Send Feedback
Created by ELiDOC
Η δημιουργία κι ο εμπλουτισμός του Ιδρυματικού Αποθετηρίου "Διώνη", έγιναν στο πλαίσιο του Έργου «Υπηρεσία Ιδρυματικού Αποθετηρίου και Ψηφιακής Βιβλιοθήκης» της πράξης «Ψηφιακές υπηρεσίες ανοιχτής πρόσβασης της βιβλιοθήκης του Πανεπιστημίου Πειραιώς»