I’m tasked with building a Windows 2008 R2 image for our enterprise but I need a little help getting started. I’ve worked with many different windows server images that were hardened/secured by other teams but I’ve never done this my self before. Now I’m starting from a fresh Windows 2008 R2 build and I want to start securing it. Where do I start? Can everything in 2008 R2 be hardened by GPO? Or is there still a lot of stuff that needs to be done to the image to secure it? Any documentation of just a general hardening would be helpful.
