Windows 7 is known as the most secure platform in the history of Windows operating system, and it is indeed true. The author has been in close contact with the Windows 7 system for almost a year and has not encountered any serious security problems. During use, I found that the related functions of Windows 7's own security settings have been greatly improved compared to XP and Vista systems, and the various settings are also richer. Below I will teach you how to set up some security settings for the system and lay out a comprehensive security defense line for the system to make your Windows 7 more secure!
1. Strengthen account control and create the first security level
The primary security factor of this system is the account and password we use to log in to the system and the control authority we have over the computer. The user password setting in Windows 7 is simpler, and the "parental control" function adds a variety of new functions, which is richer than the previous system.
Enter the system with a "pass"
Although adding a login password to the system is no obstacle to experts, it is undeniable that it can still protect most people. Otherwise, anyone can use the computer at any time. We can also add low-privilege users in Windows 7 as needed for others to use, thus adding the first line of security to the system.
Step 1: Click "Start → Control Panel", then click "Add or Remove User Accounts" under "User Accounts and Family Safety". A dialog box will appear, then click "Create a new account" and enter the account name. Select "Standard User" and finally click the "Create Account" button to create a new account.
Step 2: Click "General User" to enter the account setting interface, click the "Create Password" button to enter the password, and then click the "Create Password" button. Use this method to add passwords to all accounts in the system, especially administrator-level accounts. After turning on the computer, select the account and enter the password to log in to the system.
Use "Parental Control" well
"Parental control" literally means it is provided for parents to use, so that parents can monitor their children's use of computers in an all-round way and prevent the negative impact of computer networks on their children. The author believes that "parental control" is just a name given by Microsoft to reflect the monitoring function. It essentially reflects the relationship between management and being managed, and is a kind of permission control. Making good use of "Parental Control" can achieve powerful account management and monitoring. Here we set up parental control for "ordinary users".
Step 1: Open the Control Panel, click the "User Accounts and Family Security" option, then click the "Parental Control" switch interface, click "Normal User", and you will be prompted for all administrator-level accounts in the system. Set a password, enter the parental control interface after setting, and select the "Enable, apply current settings" option.
Step 2: Click the "Time Limit" button to switch the interface. Here, the time period is divided by week and time. The time period is hour, indicating a certain time on the day of the week. When clicking in the box turns blue, the current time Then it cannot be turned on. When the square is white, it is the boot time. Finally, click the "OK" button to complete the setting. Through time limits, we can easily control the computer time of ordinary users.
Step 3: Click "Allow and block specific programs" and then select "Ordinary users can only use programs I allow". At this time, the software available in the system will be detected, and the checked software can be used, such as: Daily If Office is used for word processing, check the programs under Office. For some programs that have not been retrieved, click the "Browse" button to add them manually, and finally click the "OK" button. In this way, when the user is using a program that is not allowed, the system will prompt "Parental control has blocked this program." If you want to obtain permission to use the program, just click the "Please ask the administrator for permission" button above the prompt box and enter the management The administrator password provided by the administrator can be used.
2. Four important security settings must be set up
Patching, setting security levels, these functions are available in XP and VISTA, and Windows 7 has a richer series of functions. The selection of patches is more diverse, and the security level settings are also divided into four levels (VISTA can only be turned on and off). It also provides automatic playback control and enhanced anti-spyware tools to make the system itself more secure.
"Sewing and repairing" to ensure safety
Any piece of software will inevitably have loopholes, and Windows is no exception. In order to plug loopholes, Microsoft has been doing this kind of patchwork. Although the security of Windows 7 has been greatly improved, patching vulnerabilities at any time cannot be ignored.
Tip: Use third-party tools to update your system
In addition to using the system's own update function to patch the system, we can also use some third-party tools (such as 360 Security Guard, Kaka Internet Security Assistant, etc.) to patch vulnerabilities in the system. For Windows 7 obtained through abnormal channels, it is best not to install all Windows 7 updates, otherwise the system may be recognized as pirated and requires activation before use. At this time, third-party tools can be used to selectively download and install updates.
Step 1: Enter the Control Panel, click the "System and Security" button, and then click the Windows Update button to enter automatic updates. Clicking the "Check for Updates" button will automatically connect to Microsoft's official website to detect the system. All computer updates will be listed. Click the "Install Updates" button to automatically download and install system updates.
Step 2: Click the "Change Settings" button, select "Check for updates, but let me choose whether to download and install updates" under "Important Updates", below you can also set the time to install new updates, and finally click " OK" button. In this way, when there is an update in the future, the system will prompt us to download and install it.
Improve system security level
Starting with Windows Vista, Microsoft introduced User Account Control (UAC). We can set the security level of UAC as needed to improve the security level of the system accordingly.
Tips: UAC security levels from high to low are: Always notify, Notify me only when a program tries to make changes to my computer, Notify me only when a program tries to make changes to my computer (without reducing desktop brightness), Never notify. The higher the security level, the more frequently UAC function dialog boxes will pop up, which may cause a lot of inconvenience. Between safety and convenience, everyone can choose according to their needs.
Click the "Start" button, enter UAC in the "Search Box" and press Enter to open the "User Account Control Settings" window. Four levels of security protection are provided here. Drag the slider to the top. This is The most secure setting, a notification is issued and the desktop is dimmed before the program makes changes to your computer or Windows settings (requires administrator rights). You cannot perform other operations on the computer until you accept or deny the request in the UAC dialog box. A dimmed desktop is called a secure desktop, and other programs cannot run when the desktop is dimmed.
Set up autoplay function as needed
The system autoplay function that comes with Windows can automatically perform certain operations (such as automatically playing discs, videos, etc.). Although this is more convenient, it also brings security risks. We can set it up in a targeted manner and use the automatic playback function as needed.
Go to the Control Panel, click the "Hardware and Sound" option, then click the "AutoPlay" button to open the dialog box, deselect the "Use AutoPlay for all media and devices" option, all media are listed below, click the following The drop-down menu allows you to select the operation to be performed, such as: do not perform the operation, ask every time, etc., and finally click the "Save" button.
Give rogue software nowhere to hide
In order to prevent users from being harmed by spyware and rogue tools, Windows 7 integrates a free anti-spyware tool - Windows defender. Windows defender provides two ways to protect your computer: scanning and real-time protection. Next, we will use Windows defender to detect the system so that rogue software has nowhere to hide.
Step 1: Click the "Start" menu, enter Windows defender in the "Search box" and press Enter to open the tool. Click the "Check for updates now" button to upgrade Windows defender's virus database. Convenient to detect and kill the latest malware.
Step 2: Click the "Scan" button and select "Quick Scan" to quickly check the system. Selecting "Full Scan" will conduct a comprehensive detection of the system, and the time used will also increase significantly. After the scan is completed, if there is rogue software, a warning box will appear. After selecting it, click the "Delete All" button.
Step 3: Click "Tools" to switch to the "Tools and Settings" option. Click "Options" to display a dialog box. In "Automatic Scan" you can set the frequency, time and type of automatic computer scans. In "Default Action" Various alarm levels can be automatically processed (deleted or quarantined). Below you can also select objects for real-time protection. In "Real-time Protection" you can set up automatic scanning of downloaded files and attachments, as well as scanning of programs running on your computer.
3. Strengthen network security settings, and IE8 upgrades new protection functions
Nowadays, the Internet is the most common way for various viruses to spread. In recent years, methods such as phishing and web page malware have emerged in endlessly, making it difficult for people to resist. The network security settings in Windows 7 are also very rich. The built-in IE8 provides a variety of security protection functions, and the system firewall has also been upgraded to make it easier to use.
Turn on IE8 security protection
Browsers are the main way for us to surf the Internet. Most viruses come through browsers. Internet Explorer 8.0 browser (IE 8 for short) is built-in by default in Windows 7. Security has been greatly improved, but if you want to protect For the security of IE8.0 browser, commonly used settings are still indispensable.
Comprehensively clean up personal privacy
During the process of browsing the web, the URL will be left in the address bar, the website address will be in the history, and some usernames and passwords will be retained in cookies. These will leak your personal privacy, so they must be cleaned up.
After opening IE 8, select the menu "Tools → Internet Options", switch to "General", click the "Delete" button under "Browsing History" to display a dialog box, and then select the items to be deleted (such as: Temporary Internet files, Cookies, form data, etc.), and then click the "Delete" button to delete it. If you find it troublesome to delete it manually every time, you can select "Delete browsing history on exit" under "Browsing History", so that when you close IE after surfing the Internet, the browsing history will be automatically cleared.
Surf the web without leaving traces
In addition to deleting browsing history, IE 8.0 also provides another way to surf the Internet without leaving any traces - Inprivate Browsing. Using this mode, the Internet browser will not store any browsing history, and of course it will not exist. The problem of deletion is gone, leaving no trace on the Internet, preventing problems before they occur, and giving us more peace of mind.
Select the menu "Tools → InPrivate Browsing" to turn on the InPrivate mode. At this time, surfing the Internet will not leave any traces.
Stay away from "phishing"
Have you ever heard of "phishing"? The simplest example: Some criminals imitate the real bank website and make it exactly the same, and then use emails or other methods to trick you into logging in and entering your bank account number and password. The result... - this It is the most typical "phishing website", also called a counterfeit website. Of course, this is not the only way. There are more crises that you can’t even imagine or feel are slowly approaching... Don’t be afraid now! IE8 can help us in various ways to avoid falling into danger and stay safe step by step. Anti-phishing!
Step 1: The URLs of some websites seem to have no problem, but due to the development of network technology, no one can guarantee that what they see is real. A common method is cross-site attack, which can be avoided by turning on the XSS filter function. Such attacks. Select the menu "Tools → Internet Options", switch to the "Security" option, click the "Custom Level" button, and select "Enable" for "Enable XSS Filter" under "Scripts", which is enabled by default.
Step 2: In order to avoid attacks from malicious websites as much as possible, the SmartScreen filter that comes with IE 8.0 can compare the current URL with the URLs in the Microsoft database. Once a website is found, a warning will pop up. Click "Security → SmartScreen Filter → Turn on SmartScreen Filter..." on the toolbar. This feature is also enabled by default. If you find a malicious website while surfing the Internet, you can select "Report Unsafe Website" to report the malicious website to the Microsoft database to prevent others from being fooled.
Comprehensive plug-in management
It is undeniable that many plug-ins can enhance the functions of IE, but there are always some plug-ins that will bring security risks to IE, which may affect our entire system. Therefore, it is very important to strengthen the management of plug-ins.
Tips: Under normal circumstances, when we open a website, we usually look at the first part of the URL to determine whether it is safe. However, the first part of some URLs is safe, but the real connection may be the later URL. If you encounter such a URL, IE 8.0 will automatically identify the real URL of the link and display it in high black, while other parts of the URL will be gray.
Select the menu "Tools → Manage Add-ons" and a dialog box will appear. Click the "Toolbars and Extensions" option. Here you can see various plug-ins in IE. After selecting the unnecessary plug-ins, click "Disable" below. Just click the button.
Tips: If you feel that Windows 7 starts slowly, you can click the "Start" button, enter msconfig in the "Search box" to open the "System Configuration" interface, switch to the "Startup" option, and deselect some useless or If there are any doubtful items, click the "OK" button and restart the computer according to the prompts. Some malicious tools often enter the startup process. Remember to check the startup items frequently.
Make good use of the system’s built-in firewall
Firewall has been built-in since Windows Xp, but it has been ignored by everyone. In Windows 7, the firewall has been strengthened, and ordinary users can use it to resist external attacks. When there is software in the system trying to connect to the network, the firewall will pop up the "Windows Security Alert" window, adding the first "protection network" to the system. ".
Step 1: Enter the control panel, click the "System and Security" button to switch windows, and then click "Windows Firewall" to enter the firewall setting interface. Click "Allow a program or feature through Windows Firewall" on the left to display a dialog box, where you can view which programs or features on your computer will connect to the network. Deselecting a program will prohibit it from connecting to the network. If the required network-connected program does not appear in the list, click "Allow another program to run..." and then select the startup file of the corresponding program.
Tips: If there are multiple network environments, you can also select it later in the program so that it can connect to the network in a specific environment. For some unsafe programs, click the "Remove" button to remove them from the program list.
Step 2: Click the "Change Notification Settings" button, where you can set up to prevent all programs from connecting to the network. Click the "Turn Windows Firewall on or off" button to choose to turn off or turn on Windows Firewall. If a third-party firewall is used, Windows Firewall can be turned off. Click the "Restore Default" button to restore Windows' firewall to its original state.
Shared resources refuse to be "leaked"
Computers in a local area network often set up sharing for the convenience of resource use. After turning on network discovery in Windows 7, it not only facilitates the discovery of other shared resources on the network, but also exposes itself to the shared network. Therefore, when resource sharing is not needed for a long time, it is best to temporarily turn off the network discovery function.
Enter the Control Panel, click the "Network and Internet" button to switch windows, then click the "Network and Sharing Center" button to enter the Settings Center, click "Change Advanced Sharing Settings" and a dialog box will appear, select "Close" under "Network Discovery" Network Discovery" and finally click the "Save Changes" button.
Tip: Run Command Prompt as administrator and enter the following command:
Net Config Server /hidden: Yes. After 30 minutes, Windows 2000/XP computer users will no longer be able to see our computer in "My Network Places".
Write at the end to protect the security of the system. In addition to the above-mentioned arming settings, personal computer usage habits are also very important. For example: do not browse or search for unhealthy information, do not install software from unknown sources... By doing this, the chances of your computer being infected with viruses will be greatly reduced, and Windows 7 will be safer.