[IT168] The security of the Win 7 system is much better than the traditional operating system, but this does not mean that the security of the system is safe, because by default, many security features of the system are not To enable or set, we must make appropriate settings for them to make these security functions play their due role, so that the security of Win 7 system can be improved to a higher level!
1, make good use of BitLocker function, protect Privacy information
disk along with the growing popularity of removable media, protecting data security of these mobile media has become a topic of great concern to the people; in order to meet such security requirements, Win 7 system adds new secure mobile devices Secure full-disk encryption, this feature is actually the BitLocker feature. Although the traditional BitLocker function can only be effective on the system installation disk, and it is difficult to configure, you must manually create a separate disk partition, but the Win 7 system has overcome these shortcomings, and we can configure the BitLocker function very easily. To encrypt USB devices and flash memory devices, even if these mobile devices are lost in the future, others will not easily peek into the data content, so that there is no need to worry about the leakage of private information.
When configuring BitLocker function in Win 7 system, we can first open the system's "Start" menu, click on the "Control Panel" option, open the corresponding system's control panel window, and select the ones in turn. “System and Security”, “Bitlocker Drive Encryption” function icon, enter the disk drive list interface;
Secondly select the target disk partition that needs privacy protection, and click on the right side of the corresponding partition “Enable Bitlocker” ; link, open the Bitlocker Drive Encryption Wizard setting interface as shown in Figure 1, select the "Use password to unlock the drive" option, and then enter the appropriate unlock password;
Then click "Next" Button, when the wizard screen asks us how to store the recovery key, we can save it as a text file or print it out as needed, and finally click the “Enable Encryption” button, so that the target disk partition is successfully encrypted. And you must use a legal key to access it in the future. According to the content, if you can not remember the key content, then no one can peep into which the private information.
2, good at enabling restriction policy, denial of vulnerability program is exploited
Enable restriction policy
In order to protect system security, I believe many people will regularly update system vulnerability patches online to ensure that system vulnerabilities are not exploited by illegal attackers. However, this method only protects the security vulnerabilities of the Windows system itself, and does not protect the vulnerabilities of some applications. In order to prevent these application vulnerabilities from being illegally exploited, we can skillfully configure the software restriction policy of Win 7 system to limit the free connection of the application containing the vulnerability. The following are the specific restriction steps:
First open the Win 7 system. “Start” menu, from which you click on the “All Programs” button, click the “Run All” command, and enter the string command “gpedit.msc” in the pop-up system run text box. Click the Enter key to bring up the System Group Policy Console window;
Next, expand the “Computer Configuration” in the left side of the console window, and then click “Windows Configuration” to set the security settings to/or. "Software Restriction Policy" node option, right-click on the "Software Restriction Policy" option and execute the "Create Software Restriction Policy" command in the shortcut menu;
Select “ Software Restriction Policy ” Under the branch node, the "force" option, while double-clicking the option with the mouse, open as shown in Figure 2. In the option settings dialog box, select the "All users except local administrators" option, and then click the "OK" button to perform the setting save operation;
followed by the "software restriction policy" Under the branch node, select the "Other rules" sub-item, and then right-click the sub-item. From the pop-up shortcut menu, click the "New path rule" command to pop up the new path rule setting window, click “ Browse the ” button to select and add the target application containing the vulnerability, and finally adjust the "security level" to "not allowed", so that the attacker will not be able to exploit the vulnerability of the target application in the future. Attacked the Win 7 system.
3, good at controlling UAC function, improve security level
UAC settings
UAC function is not a new feature of Win 7 system, but compared to UAC function under Vista, Win 2008 system, Win 7 The user account control function has been significantly improved, and it is obviously more intelligent in distinguishing between illegal operation and legal operation, and we can freely control the UAC security level according to actual security needs, striving for operational efficiency and security performance. . In order to improve the security level, Win 7 system specially provides users with UAC function control scroll bar. Users only need to simply drag the mouse to find a balance between operational efficiency and system security.
In order to make the Win 7 system run as stable as possible, we should try to adjust the UAC security level to "Always notify", and when using this setting, the Win 7 system will pop up a lot less security tips than the Vista system. When adjusting the UAC security level, we can click the “Start”,“Control Panel" command on the Win 7 system desktop to click one by one in the pop-up system control panel window. User Account and Home Security & rdquo; & ldquo; user account & rdquo; icon options, enter the user account control list interface, click on the "change user account control settings" button, open the settings dialog shown in Figure 3;