In today’s time Windows 11 can be regarded as one of the most secure versions of the operating system. Moreover, there exists other various ways using which one can increase the PC’s security to a greater extent. For instance, checking for system upgrades, setting up security features like firewalls, ransomware and phishing protection, etc. Henceforth, this post exists of 20 best security settings to configure on Windows 11 that will allow the user to use the PC without any prior risk.
Page Contents
20 best security settings to configure on Windows 11
There exist various security settings to configure on Windows 11 which will lead to the enhancement of the security of the PC respectively. Thus, let us look at the main security settings to configure on Windows 11 to increase security of the system.
1. Enabling DNS over HTTPS(DoH) to configure
DNS over HTTPS is a security setting that encrypts DNS (Domain Name System) queries using the HTTPS (Hypertext Transfer Protocol Secure) protocol, improving security and privacy. This prevents third parties from intercepting queries. Various modern web browsers such as Firefox, Chrome, etc. supports this feature. Moreover, this feature can also be enabled in Windows 11. The steps to follow which allow the security settings to configure on Windows are as follows-
Step 1- Firstly, go to Settings and select Network and internet.
Step 2- Now, select the Ethernet or Wi-Fi tab as per the active Wi-fi connection.
Step 3- Next, select the Edit option next to the DNS server assignment.
Step 4- From the drop-down menu choose the Manual option.
Step 5- Enable the IPv4.
Step 6- Choose a primary DoH IP address in Preferred DNS and a secondary DoH IP address in Alternate DNS section. The IP addresses may vary from Cloudflare (1.1.1.1 and 1.0.0.1) to Google (8.8.8.8 and 8.8.4.4) to others.
Step 7- From the “DNS over HTTPS” drop-down menu, choose the On (automatic template) option. There also exist other encryption preferences to choose from, but this option encrypts the DNS traffic.
Step 8- Disable the Fallback to plaintext option.
Step 9- Now, select the Save option.
2. Enabling Smart App Control to configure
Smart App Control is a security setting of Windows 11 which runs only trusted applications and hinders the running of malicious applications. It locks the system and protects the PC. The following steps allows to enable the Smart App Control-
Step 1- Launch Windows Security.
Step 2- Select App & browse control> Smart App Control settings.
Step 3- Click on the Evaluation option.
3. Enabling Microsoft Defender Application Guard
Windows 11 consists of a setting named Microsoft Defender Application Guard which secures the PC from untrusted websites and files. It obstructs the access of resources of the PC by the unwanted sites. Thus, one can easily turn on this feature and protect the PC using the steps given below-
Step 1- Go to Settings> System> Optional features page.
Step 2- Under the Related settings section, select the setting of More Windows Features.
Step 3- Enable the option of Microsoft Defender Application Guard.
Step 4- Select the OK button and thereafter select the button of Restart Now.
4. Configure Presence Sensing
Presence Sensing is another built-in security setting of Windows 11 which determines the user’s closeness to the PC. It locks the screen when the user is not near and unlock it once the user comes back. The main steps to follow to enable this security feature are as follows-
Step 1- Go to Settings> System> Power & Battery tab. Then, select the option of Screen, sleep, & hibernate timeouts.
Step 2– Now, enable the Turn off my screen when I leave. This will allow the system to disable the display as soon as the user leaves.
Step 3- Select the Wake up my device when I approach option. This will turn on the display when the PC feels the user’s presence.
Step 5- Again, enable the Dim my screen when I look away option.
Step 6- Next, select any of the settings from the steps 3, 4, or 5. This will open the settings page of Presence Sensing. Thereafter, select the Turn off my screen when I leave option.
Step 7- Furthermore, next to the option of Consider me gone when I’m this far away, select the number of feet that the PC must utilize to locate the distance when the user has left the PC.
Step 8- Further, near the Then, turn off my screen after this amount of time option, select the time, the PC should wait before turning off the screen after the user leaves the PC.
Step 9- Next, select Turn off my screen when I leave while an external display is connected and the Wake my device when I approach option.
Step 10- Next to the Wake my device when I’m this close option, select the number of feet, the PC must use to locate how near the user must be to the PC for it to wake when the user approaches.
Step 11- Select Wake my device when I approach while an external display is connected and Dim my screen when I look away.
Step 12- Lastly, select Dim my screen when I look away while an external display is connected.
5. Syncing Date and Time on Windows
The synchronization of Date and Time in Windows 11 increases the security of the PC in many ways. It helps in examining security incidents, spotting untrusted activities, deciphering security logs, etc. Now, let us look at the instructions to follow for syncing date and time-
Step 1- Go to Settings and select Time and Language.
Step 2- Select the Date & time option and then enable the Set time automatically.
Step 3- Below Additional settings, select the Sync now option.
6. Creation of Full Backup on Windows
Creating a full backup in Windows 11 is also another security setting that helps in making another copy of the whole framework. It helps in attaining protection when dealt with difficulties such as failure in hardware, malicious attacks in the system, etc. Henceforth, let us check at the steps to follow to create a full backup in WIndows 11.
Step 1- Go to Start and search Control Panel. Open the first result.
Step 2- Select System and Security > File History.
Step 3- In the left pane, select the System Image Backup setting and then Create a system image.
Step 4- Choose an external drive and save the backup of Windows 11.
Step 5- Next, select Next > Start backup> No.
Step 6- Finally, select the Close button.
7. Configure Settings of Core Isolation
Core Isolation consists of a bunch of security settings such as the Memory Integrity which secures the PC from destructive viruses and hackers. It secures the PC from malicious software and ascertains an enhanced security system in PC.
Step 1- Go to Start and search Windows Security. Open the top result.
Step 2- Select Device Security. Subsequently, select Core isolation details below Core isolation.
Step 3- Enable the Memory integrity. It will turn on the Core isolation.
Step 4- Lastly, restart the PC.
8. Configure Firewall Settings on Windows
Microsoft Defender Firewall is a feature of Windows 11 which checks the traffic of network and secures the PC from any kind of malicious access. To enable this setting, let us look at the steps that must be followed.
Step 1- Go to Windows Security>Firewall & network protection> Private Network(active).
Step 2- Enable the Microsoft Defender Firewall to disable the firewall.
9. Configure Dynamic Lock
Dynamic Lock is a built-in feature of Windows 11 that lock the PC when the user is away based on a paired Bluetooth device’s closeness. It adds an extra layer of protection to the PC. Now, let us check the steps to turn on the Dynamic lock.
Step 1- Firstly, enable the peripheral and the Bluetooth pair settings. This will make it findable.
Step 2- Next, go to Settings> Bluetooth & devices.
Step 3- Enable the Bluetooth to turn on the wireless radio.
Step 4- Select Add device>Bluetooth.
Step 5- Further, from the list, select the Bluetooth device.
Step 6- Thereafter, follow the prompts that appears on the screen.
Step 7- Next, select Accounts>Sign-in-options>Dynamic lock.
Step 8- Select Allow Windows to automatically lock your device when you’re away.
10. Configure Controlled Folder Access
Controlled folder access is another built-in security setting available in Windows 11. It is crafted to secure the PC from any kind of ransomware viruses. Thus, follow the given steps to enable Controlled folder access-
Step 1- First, go to Windows Security>Virus & threat protection.
Step 2- Below the Ransomware protection, select Manage ransomware protection.
Step 3- Now, enable Controlled folder access.
11. Blocking Unnecessary Apps on Windows
The Reputation based protection setting of Window’s security is a prominent setting which provides enhanced security to the PC. This feature blocks unnecessary and malicious apps which may be harmful for the PC and protects the PC. Hence, the steps to follow for blocking unwanted options are given below-
Step 1- Primarily go to Windows Security>App & browse control.
Step 2- Subsequently, from Reputation-based protection, select Reputation-based protection settings.
Step 3- Next, enable the Potentially unwanted app blocking.
Step 4- Lastly, select Block apps and Block downloads.
12. Configure security settings of Phishing Protection
Phishing Protection is also one of the important features of Windows 11 which secures the PC from various dangerous applications and websites. Now, let us delve into the steps which will enable the Phishing Protection in the PC.
Step 1- Firstly, go to Settings> Accounts>Sign-in options.
Step 2- Next, disable For improved security, allow Windows Hello sign-in for Microsoft accounts on this device below Additional settings.
Step 3- Now, click on the active Windows Hello feature (facial recognition, fingerprint recognition, or PIN below Ways to sign in.
Step 4- Further, select the Remove option two times.
Step 5- Now, verify the password of Microsoft account and select OK.
Step 6- Next, go to Windows Security>Apps & browser control>Reputation-based protection settings.
Step 7- Next, enable Phishing Protection.
Step 8- Lastly, select the Warn me about malicious apps and sites, Warn me about password reuse, and Warn me about unsafe password storage. All pf these options will enhance the security of the PC.
13. Configure Random MAC Address on Windows
Enabling the Random MAC address helps in altering the MAC address frequently which in turn enhances the difficulty of tracking the MAC addresses. Therefore, the steps to follow for enabling the random MAC addresses are as follows-
Step 1- First go to Settings>Network & internet>Wi-Fi.
Step 2- Secondly, enable or disable the Random hardware addresses as per requirement.
14. Creation of Passkeys on Windows
Passkey is one of the alternative ways by which one can sign-in into their Google accounts. It increases the difficulty level of the hackers to get into the accounts of users as it consists of cryptographic key pairs making it more secure than normal passwords. Thus, the steps to create Passkeys are given below.
Step 1- Go to Microsoft Edge and open the Google Account.
Step 2- Sign in into the account and go to web service account.
Step 3- Enable the Passkey sign-in and select Create a Passkey.
Step 4- Select Continue and specify the account details on Windows Hello.
Step 5- Lastly, select OK and Done.
15. Creation of System Restore Point on Windows
System Restore is a feature of Windows 11 which helps in generating a copy of the Windows’ system in the form of a restore point. It aids in securing the data of the system if somehow an error occurs after updates. The prompts to follow for creating a Restore Point are as follows-
Step 1- Firstly, go to Start and search Create a restore point. Open the first result.
Step 2- Secondly, click on the system drive (C). Thereafter, select Configure from the section of Protection Settings.
Step 3- Click on Turn on system protection.
Step 4- Select Apply>OK>Create. As a result, it will create a restore point.
Step 6- Next, specify a name for the restore point.
Step 7- Finally, select Create>Close.
16. Installation of Updates on Windows
Installation of the latest updates of Windows also help in increasing the security system of the PC. It helps in fixing any kind of existing viruses in the system and hence enhances the overall performance of the PC. For installing new updates, follow the steps given below-
Step 1- At first, go to Settings>Windows Updates>Check for updates.
Step 2- Next, if applicable, select the Get the latest updates as soon as they’re available.
Step 3- Further, select Download and install if required.
Step 4- Finally, select Restart now.
17. Configure Windows Recall
Windows 11 has a feature named Windows Recall which tracks every second spent on the PC by taking snapshots of the PC frequently. This leads in decreased privacy of the PC as it tracks every record of the OC making it welcoming for hackers. Therefore, to turn off the feature of Windows Recall feature, follow these steps-
Step 1- Go to Settings>Privacy & security>Recall & snapshots.
Step 2- Disable Save snapshots.
Step 3- Additionally, select Delete snapshots if required.
Step 4- Lastly, select Delete all below Delete all snapshots.
18. Configure Scareware Blocker on Windows
Scarecrow Blocker is one more security setting of Windows 11 which uses Artificial Intelligence to protect the PC from any kind of frauds. It offers an additional layer of protection to the PC apart from the traditional protection. Consequently, follow these steps to turn on Scareware Blocker in the PC.
Step 1- Firstly, go to Microsoft Edge>Settings.
Step 2- Next, select Privacy, search, and services>Security
Step 3- Further, enable Scareware blocker, located below Security.
Step 4- Lastly, if required, enable Microsoft Defender SmartScreen.
19. Configure Remote Desktop
The enabling of the security setting of Remote Desktop may lead to the increase of security risk in the PC. This may happen as this feature allows the access to anyone which may sometimes consists of fraudulent individuals. Thus, disabling this setting will enhance the security of the PC. Hence, for the security setting to configure, follow these steps-
Step 1- Go to Settings>System>Remote Desktop.
Step 2- Now, disable Remote Desktop.
Step 3- Finally, select Confirm.
20. Configure settings of Windows Sandbox
Windows Sandbox is another security feature of Windows 11 which protects the PC from unwanted applications and software. It analyzes and tests these applications and block the unnecessary ones. Following the steps given below will allow the security settings to configure on Windows-
Step 1- Go to Settings>System>Optional features.
Step 2- Thereafter, from the section of Related settings, select More Windows features.
Step 3- Next, select Windows Sandbox.
Step 4- Lastly select OK>Restart now.
Thus, these are the best security settings to configure on Windows which can be easily done by following the above steps in no time without any further difficulties.
Leave a Reply