Exercise Core Function
The Local Group Policy Editor was used to strengthen Windows Defender Antivirus on a Windows 10 computer. The aim was to keep the antivirus running, ensure real-time scanning, and prevent standard users from disabling security features.
What I Studied
I explored endpoint hardening through Local GPO configurations. The focus was on antivirus enforcement, using tools such as the Local Group Policy Editor (gpedit.msc) and policy refresh commands (gpupdate /force) to apply and validate changes.
What I Learned
I gained practical experience configuring and testing GPO policies, verifying their effectiveness, and managing user access restrictions. I also confirmed that system reboots or forced policy updates were necessary to ensure persistent enforcement.
Why It Matters
These hardening measures help reduce risks, improve compliance, and maintain system integrity. A real-world analogy is locking every office door to ensure no one can slip in unnoticed — each policy reinforces another layer of defense.
How It Maps to the Job/Framework
- NICE (Protect & Defend): Reinforces endpoint defense through system configuration management.
- ASD (Endpoint Security Operations): Demonstrates control over antivirus enforcement and user restrictions.
Key Takeaways
- A structured GPO application enforces persistent endpoint security.
- Real-time and behavioral monitoring reduce malware exposure.
- Restricting standard user privileges ensures policies cannot be bypassed.
- Policy refresh and testing validate enforcement.
- Documenting the process provides professional evidence of applied skills.
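
One way to script the "policy refresh and testing" step is sketched here as an added example; it is not part of the original write-up or its report. It runs after gpupdate /force and compares the Defender policy values in the registry with the state Defender itself reports. The three registry value names are assumptions about which settings were configured, since the page does not list them.

```powershell
# Added example: confirm Defender hardening after 'gpupdate /force' or a reboot.
# Assumption: these policy values correspond to the settings configured in
# gpedit.msc; the write-up does not list the exact settings used.
$root = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows Defender'
$expectedPolicy = @(
    @{ Path = $root;                        Name = 'DisableAntiSpyware';        Want = 0 }
    @{ Path = "$root\Real-Time Protection"; Name = 'DisableRealtimeMonitoring'; Want = 0 }
    @{ Path = "$root\Real-Time Protection"; Name = 'DisableBehaviorMonitoring'; Want = 0 }
)

function Test-DefenderPolicy {
    # A missing value means the policy is "Not configured", so nothing is enforced.
    foreach ($p in $expectedPolicy) {
        $item   = Get-ItemProperty -Path $p.Path -Name $p.Name -ErrorAction SilentlyContinue
        $value  = if ($item) { $item.($p.Name) } else { $null }
        $actual = if ($null -eq $value) { 'not configured' } else { $value }
        [pscustomobject]@{
            Check  = "Policy  $($p.Name)"
            Actual = $actual
            Pass   = ($value -eq $p.Want)
        }
    }
}

function Test-DefenderState {
    # Effective state reported by the Defender module, independent of the registry.
    $status = Get-MpComputerStatus
    foreach ($name in 'AntivirusEnabled', 'RealTimeProtectionEnabled', 'BehaviorMonitorEnabled') {
        [pscustomobject]@{
            Check  = "State   $name"
            Actual = $status.$name
            Pass   = [bool]$status.$name
        }
    }
}

# Combine both views; a non-zero exit code marks a host that needs attention.
$results = @(Test-DefenderPolicy) + @(Test-DefenderState)
$results | Format-Table -AutoSize
if ($results.Pass -contains $false) {
    Write-Warning 'One or more Defender settings are not enforced.'
    exit 1
}
```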
See my report below for the technical summary and validation of this Windows Defender hardening exercise: