Defence

Defender Status

C:\> sc query windefend

PS C:\> Get-MpComputerStatus

List AppLocker Rules

PS C:\> Get-AppLockerPolicy -Effective | select -ExpandProperty RuleCollections

Test AppLocker Policy

PS C:\> Get-AppLockerPolicy -Local | Test-AppLockerPolicy -path C:\Windows\System32\cmd.exe -User Everyone

PowerShell Constrained Language Mode

PS C:\> $ExecutionContext.SessionState.LanguageMode

LAPS

PS C:\> Find-LAPSDelegatedGroups # Lists groups/users with permission to retrieve LAPS-managed passwords
PS C:\> Find-AdmPwdExtendedRights # Identifies who can read LAPS-stored local admin passwords
PS C:\> Get-LAPSComputers # Retrieves a list of computers managed by LAPS

Check Firewall

PS C:\> netsh advfirewall show allprofiles

PreviousPermissions NextPrograms