Hello,
Firstly, I would like to say I am still a learning admin who has been given a task somewhat out of my league.
We have a client who has Windows Server 2008 R2 running as a domain controller with multiple office PCs on the main floor. After a recent attack of ransomware at a different client's office they are worried about security. And I was asked to harden the security on the server and network in general. After going through a lot of information on the web I understand that the number one priority is to be made for secure backing up and am suggesting a cloud-based backup solution with the option to roll back file versions so that in the case of ransomware we have clean backups of all the important files.
What I want to ask is can anyone point me in the direction of some good guidelines or point out some general things that should be done on the server so that I can more or less sleep a bit easier. I've been reading up on AppLocker but I am confused as to which folders and paths I should block off for running exe files.