1-darsO'chirish yoki cheklashni ko'rib chiqiladigan xizmatlar: xavfli xizmatlarni sanash (masalan, Remote Registry, SSDP, UPnP, Bluetooth Support) va services.msc orqali xavfsiz o'chirish tartibiHujum yuzasini oshiradigan Windows 7 xizmatlarini, masalan, Remote Registry yoki UPnP ni aniqlang va services.msc yordamida ularni o'chirish yoki cheklashning xavfsiz usullarini o'rganing, shu jumladan bog'liqliklarni tekshirish va orqaga qaytarishni rejalashtirish.
Inventorying enabled Windows 7 servicesIdentifying high-risk legacy servicesDisabling services via services.mscChecking dependencies before changesRollback and monitoring after changes2-darsHisob boshqaruvini mustahkamlash: o'rnatilgan hisoblarni qayta nomlash yoki o'chirish, interaktiv kirishlarni cheklash va kirish soatlarini belgilashO'rnatilgan hisoblarni qayta nomlash yoki o'chirish, interaktiv kirishlarni cheklash, kirish soatlarini belgilash va kuchli mahalliy va domen identifikatorlarining noto'g'ri ishlatilishini kamaytirish uchun foydalanishni monitoring qilish orqali hisob boshqaruvini mustahkamlang.
Renaming or disabling AdministratorRestricting Guest and shared accountsLimiting local interactive logonsConfiguring logon hours and workstationsReviewing account usage and anomalies3-darsXavfsiz logging va saqlash: Windows Event Forwarding yoki jadval bo'yicha eksportlar orqali Event Loglarini markazlashtirishWindows Event Forwarding yoki eksportlardan foydalanib Windows 7 Event Loglarini markazlashtirishni tushuning, saqlash muddatlarini aniqlang, log butunligini himoyalang va hodisa javobi va muvofiqlik tekshiruvlari uchun loglar mavjudligini ta'minlang.
Key Windows 7 log types to collectConfiguring Windows Event ForwardingScheduled log export and archivalProtecting log integrity and accessDefining retention and storage limits4-darsEng kam imtiyozni joriy qilish: standart foydalanuvchi hisoblari va ko'tarish tartiblari (Run as) dan foydalanishStandart foydalanuvchi hisoblaridan foydalanib, Run as bilan nazoratli ko'tarish va administrativ vazifalarni ajratish orqali Windows 7 da eng kam imtiyozni joriy qiling. Kerakli qo'llab-quvvatlash jarayonlarini saqlagan holda mahalliy admin ishlatishini kamaytiring.
Creating and using standard user accountsSeparating admin and daily use profilesUsing Run as and elevation promptsLimiting local administrator membershipAuditing privileged activity regularly5-darsDisk shifrlash variantlari (Windows 7 Professional da BitLocker talablari), foydalanish holatlari va eski apparatda ehtiyot choralarWindows 7 uchun disk shifrlash variantlarini tushuning, shu jumladan Professional nashrlarida BitLocker talablari va cheklovlari. Qachon shifrlash, kalitlarni boshqarish va tarqatishdan oldin eski apparatda sinovdan o'tkazishni o'rganing.
BitLocker prerequisites and editionsSelecting volumes and data to encryptKey storage and recovery proceduresPerformance impact on legacy hardwareBackup and rollback considerations6-darsWindows Firewall with Advanced Security ni sozlash: kiruvchi/chiquvchi qoidalarni yaratish, xizmatlar va portlarni minimal to'plamga cheklashWindows Firewall with Advanced Security ni o'rganing, kiruvchi va chiquvchi trafigi cheklash, xizmatlar va portlar uchun nozik qoidalarni yaratish, profil qo'llash va kritik eskirgan ilovalarni buzmaslik uchun konfiguratsiyalarni sinash.
Reviewing existing firewall profilesCreating inbound service rulesRestricting outbound application trafficUsing scope, users, and interface filtersTesting and documenting firewall changes7-darsOS EOL bo'lganda patch strategiyasi: virtual patch, hujum yuzasini cheklash, uchinchi tomon ilovalarini ustuvor patch qilish va sinovdan keyin firmware/drayver yangilanishlarini qo'llashQo'llab-quvvatlanmaydigan Windows 7 tizimlarini himoyalash uchun ochiq xizmatlarni kamaytirish, tarmoq qatlamlarida virtual patch qo'llash, uchinchi tomon yangilanishlarini ustuvorlashtirish va sinovdan keyin firmware va drayver patchlarini xavfsiz tarqatishni o'rganing.
Identifying critical exposed servicesVirtual patching with network controlsPrioritizing third-party application fixesTesting firmware and driver updatesDocumenting patch exceptions and risks8-darsFizik va operatsion nazoratlar: olinadigan media siyosatlari, USB cheklovlari va xavfsiz yuklash/BIOS parol amaliyotlariWindows 7 uchun fizik va operatsion nazoratlarni qo'llang, shu jumladan BIOS va yuklash parollari, olinadigan media cheklovlari va USB qurilma siyosatlari, eskirgan tugachilarda ruxsatsiz kirish va ma'lumot chiqarishni oldini olish uchun.
Setting BIOS and boot passwordsRestricting boot order and mediaUSB storage and device control optionsHandling lost or stolen legacy devicesOperational procedures for technicians9-darsMahalliy xavfsizlik siyosati o'zgarishlari: qo'llanilgan audit siyosatlari, User Rights Assignment va xavfsizlik variantlari (masalan, SMB imzolash, LAN Manager autentifikatsiya darajasi)Local Security Policy dan foydalanib Windows 7 ni mustahkamlang, audit siyosatlarini sozlash, User Rights Assignment va SMB imzolash va LAN Manager darajalari kabi xavfsizlik variantlarini sozlash, eskirgan domenlarda moslik muammolarini monitoring qilish.
Configuring detailed audit policiesAdjusting User Rights AssignmentTuning SMB signing requirementsSetting LAN Manager auth levelsExporting and reusing policy templates10-darsTarmoq segmentatsiyasi va xostga asoslangan cheklovlar: server va boshqaruv xostlariga kirishni cheklash uchun firewall qoidalarini sozlashTarmoq segmentatsiyasi va xostga asoslangan cheklovlardan foydalanib Windows 7 kirishini faqat kerakli serverlar va boshqaruv stansiyalariga cheklang. Oqimlarni xaritalash, subnetlarni cheklash va izolyatsiya xizmatlarni buzmasligini tasdiqlashni o'rganing.
Mapping required network communicationRestricting access to admin subnetsLimiting exposure to user networksFirewall rules for management hostsValidating segmentation with testing11-darsWindows 7 da mavjud ilova ruxsat berish variantlari (Applocker alternativlari, Software Restriction Policies) va joylashtirish masalalariWindows 7 da ilova ruxsat berish variantlarini ko'rib chiqing, shu jumladan Software Restriction Policies va cheklangan AppLocker stsenariylari. Qoidalarni loyihalash, audit rejimida sinash va minimal buzilish bilan konfiguratsiyalarni joylashtirishni o'rganing.
Choosing SRP versus AppLocker optionsDesigning path and hash-based rulesUsing audit mode before enforcementDeploying policies to multiple hostsMaintaining allowlists over time12-darsMahalliy foydalanuvchi va parol siyosati konfiguratsiyasi: parol murakkabligi, uzunligi, muddati, hisob bloklash Local Security Policy (secpol.msc) orqaliStandalone Windows 7 tizimlarida mahalliy parol va hisob bloklash siyosatlarini sozlang. Murakkablik, uzunlik, muddati va bloklash chegaralarini Local Security Policy (secpol.msc) yordamida belgilang va foydalanuvchi bloklash muammolarini oldini oling.
Password length and complexity rulesPassword history and expiration tuningAccount lockout thresholds and timersConfiguring policies in secpol.mscBalancing usability with brute-force risk13-darsBarqarorlik va minimal o'zgarishlarni muvozanatlash uchun qabul qilinadigan xavfsizlik holatini aniqlashXavfni kamaytirish va tizim barqarorligini muvozanatlash uchun Windows 7 uchun realistik xavfsizlik bazasini aniqlang. Tizimlarni tasniflash, minimal nazoratlarni belgilash, qabul qilingan xavflarni hujjatlashtirish va vaqt o'tishi bilan inkremental yaxshilanishlarni rejalashtirishni o'rganing.
Classifying legacy system criticalitySetting minimum baseline controlsEvaluating impact versus security gainDocumenting accepted residual risksPlanning phased hardening improvements14-darsWindows 7 bilan mos antivirus/antimalware strategiyasi va offline yangilanish usullariWindows 7 ni qo'llab-quvvatlaydigan antivirus va antimalware vositalarini tanlashni o'rganing, real vaqt va jadval bo'yicha skanerlarni sozlang va izolyatsiyalangan tarmoqlarda offline ta'rif yangilanishlari va qo'lda tarqatish yordamida himoyani saqlang.
Supported AV products for Windows 7Configuring real-time and scheduled scansOffline definition downloads and stagingUpdating isolated and air-gapped hostsVerifying AV health and event alerts
