| Run Security Configuration Wizard to get a basic idea about the system. |
| Install the latest service packs and hotfixes from Microsoft. |
| Enable automatic notification of patch availability. |
| Configure Audit policies. |
| Configure Account policies. |
| Disable the guest account. |
| Ensure that no shares can be accessed anonymously. |
| Disable or uninstall unused services. |
| Disable or delete unused users. |
| Ensure all volumes are using the NTFS file system. |
| Disable default RDP port. |
| Change default port for FTP, MSSQL. |
| Disable SA USER and create another user with SA Privileges. |
| Run virus scan using Clamwin Antivirus. |
| IIS hardening. |
| Perform Google Mal-ware scanning and removal/cleaning. |