A security baseline is a vetted collection of security-focused configuration settings for Windows and other Microsoft products.
To maximize security with increased flexibility and reduced cost, Microsoft recommends deploying an industry-standard security configuration, such as one of their security baselines. For more information about these configurations, refer to Microsoft Security Baselines.
We recommend using the Security Compliance Toolkit (SCT) to deploy the most recent security baseline for your version of Windows. The SCT is a set of tools provided by Microsoft to help deploy security baselines. For more information, refer to Microsoft Security Compliance Toolkit 1.0.
Security baselines for supported versions of Windows and Windows Server include:
- Windows Server 2022
- Windows 10, version 21H2
- Windows 10, version 21H1
- Windows 10 and Windows Server, version 20H2
- Windows 10 Enterprise LTSC 2019, and Windows Server 2019
- Windows 10 Enterprise LTSC 2016, and Windows Server 2016
- Windows 8.1 and Windows Server 2012 R2
For other security baselines, see the Microsoft Security Baselines Blog.
Outside the security baselines, Microsoft has provided information and security guidance for SQL Server. For more information, refer to Securing SQL Server.