This will be a introductory to intermediate talk on how to harden Microsoft OS systems in enterprise environments and test them appropriately for large scale deployments. I will be teaching the basics on how to start with hardening the OS first and showing the tools to accomplish hardening tasks that may require upwards of 300 + group policies. I will also include application hardening techniques to well known exploit vectors such as the IE browser- Java- adobe reader. I'll also show how to deploy Microsoft EMET in enterprise environments to further enhance exploit mitigation and the pitfalls to avoid as well as testing considerations with company applications. Got local admin with static passwords? Technical expertise comes and goes…does your local admin passwords go out the door with it? I’ll cover PowerShell techniques that can randomize local administrator passwords when disabling admin accounts just isn’t an option in your environment. What about security baselines? This talk is for you. I’ll go over how to pull out group policy objects in your production environment and run them through a comparative analysis based on common hardening process. ALL DONE WITH FREE TOOLS!