WinInfoSec community, what's your opinion on policy for local Administrator & Guest accounts on wks/srv?
I would go with:
* keeping default account w/o renaming
* disable guest
* LAPS on RID 500
* FilterAdministratorToken = 0
* LocalAccountTokenFilterPolicy = 0
Do you agree?
61%
Yes!
22%
With conditions (comment)
17%
No (comment)
23 votes • Final results