# Lab SEC-2: Windows Security Settings

Domain:
- 2.0 Security

Works on:
- Windows
- Linux/macOS comparison where available

## Goal

Inspect Windows security settings without weakening protections.

## Windows Steps

Run:

```powershell
windowsdefender:
firewall.cpl
wf.msc
whoami
whoami /groups
net user
net localgroup administrators
manage-bde -status
gpresult /r
cipher /?
```

Record:
- Defender status:
- Defender definition/update status:
- Active firewall profile:
- Current user:
- Local users visible:
- Administrators group members:
- BitLocker status:
- Group Policy result available:
- What `cipher` is used for:

## Permissions Review

Create or choose a non-critical test folder.

1. Open folder Properties.
2. Open the Security tab.
3. View groups/users.
4. View Advanced permissions.
5. Check whether inheritance is enabled.

Do not remove permissions in this lab.

Record:
- One group/user:
- One allowed permission:
- Inheritance enabled:
- Owner:

## Linux Comparison

Run:

```bash
whoami
id
groups
```

Record:
- Current user:
- Groups:
- Sudo/admin indication:

## macOS Comparison

Run if you have Mac access:

```bash
whoami
id
groups
fdesetup status
```

Record:
- Current user:
- Groups:
- FileVault status:

## What You Should Learn

- Defender and Firewall are managed from Windows Security/Control Panel tools.
- NTFS permissions apply locally and over the network.
- Share permissions apply only over the network.
- BitLocker protects volumes.
- EFS protects individual NTFS files/folders.
- Group Policy is checked with `gpresult` and refreshed with `gpupdate`.