Network security administrator operation skill test Level 3

Refer to GPT and your own ideas, to the above requirements, you can follow the following steps to configure:

1 Enabling the remote desktop and authorizing the Remote account to access the remote desktop
On the server, open the System Properties dialog box and click the Remote TAB.
Select the Allow Remote connection to this computer option and ensure that the Remote Desktop option is checked.
Click the "Select User" button to add the remote account to the list of remote users and authorize it for remote desktop access.
2 Disable the local login of the remote account, disable the remote shutdown permission of the remote account, and hide the Disconnect option in the power dialog box.
On the server, open the Local Security Policy dialog box, and choose Local Policy → User Rights Assignment.
Locate the Local Login and remote Shutdown permissions and remove the remote account from the permission list.
In the Group Policy Editor, choose User Configuration → Administration Templates → Start Menu and Taskbar, locate the Remove Disconnections from Start Menu and Taskbar option, and enable it.
3 Setting no time Limit for Remote Desktop connection
Open Group Policy Editor, and choose Computer Configuration → Administrative Templates → Windows Components → Remote Desktop Services → Remote Desktop Session Host.
Find Connection Timeout Limit and disable it or set it to 0(unlimited).
4 Enable inbound and outbound connections to port 3389 of the remote desktop and block inbound connections to shared port 139,445 and high-risk port 137,138. Use the port number naming rule
to open the Advanced Security application on the server and select Inbound Rules.
Create a rule to allow TCP connections from port 3389.
Create a new rule to block TCP and UDP connections from ports 139 and 445.
Create a new rule to block UDP connections from ports 137 and 138.
5 In firewall inbound rules, disallow predefined files and printers to share connections
Open the Advanced Security application on the server and select Inbound Rules.
Locate the File and Printer Sharing(SMB-In) rule and disable it or remove it.
After the above configuration, you can manage the server remotely and ensure the security of the system.

Network security administrator _ three _ operation skills examination problem solving process
very detailed, Can draw lessons from the < br / > < a href = "https://blog.csdn.net/Darkbrat/article/details/128342916" target="_blank"> https://blog.csdn.net/Darkbrat/article/details/128342916

If you don't think the above answer is detailed enough, I can make a video of you doing it. Windows server 2019

Why did I delete the remote user? I added

This answer quotes ChatGPT

1. Enable remote desktop and authorize remote account to access remote desktop:
Step:

(1) Open Remote Desktop Service Configuration on the server(run the "control system" or "mstsc" command), select "Allow remote connections to this computer", select "Allow remote desktop connections", and select the "Select User" button.

(2) In the Select User or Group window, click the "Add" button, enter "remote" and click the "Check Name" button, then select the "remote" user account, click the "OK" button, and then click the "Close" button.

2. Disable the local login of the remote account, cancel the remote shutdown permission of the remote account, and hide the "Disconnect" option in the power dialog box:
Step:

(1) Use the Local security policy editor(secpol.msc) to open the local security policy and choose Local Policy > User Rights Assignment.
(2) Locate the Allow logon Locally policy, double-click it to go to the editing screen, and delete the policy from the remote account list.
(3) Locate the Shutdown System policy, double-click it to go to the editing screen, and delete the policy from the remote account list.
(4) Use the Group Policy Editor(gpedit.msc) to open User Configuration - Administration Templates - Start Menu and Taskbar.
(5) Find the "Remove and deny access to shut down computer" policy, double-click to enter the editing interface, select "Enabled", and then check "disconnect" in the "Options" below, click "OK" button to save the Settings.

3. Set no time limit for remote desktop connection:
Step:

(1) Use Group Policy Editor(gpedit.msc) to open Computer Configuration - Administrative Templates - Windows Components - Remote Desktop Services - Remote Desktop Session Host.
(2) Find the "Connection Timeout limit" policy, double-click to enter the editing interface, select "Enabled", and then set the timeout limit to "never disconnect", click the "OK" button to save the Settings.

4. Open the inbound and outbound connections of port 3389 of the remote desktop, and block the inbound connections of shared port 139,445 and high-risk port 137,138 of the system, using the port number naming rule:

(1) Create an inbound connection rule that blocks shared port 139,445 and high-risk port 137,138:
(2) Set the rule type to Port.
(3) Select TCP.
(4) Set port numbers to 139, 445, 137, 138.
(5) Block the connection.

5. In firewall inbound rules, disallow predefined file and printer sharing connections:
Step:

(1) In Advanced Security Center, choose Inbound Rule > New Rule.
(2) Create a rule that disallows predefined file and printer sharing connections:
(3) Select File and printer Sharing as the rule type.
(4) Select Any Network.
(5) Block the connection.