• Review the Remote Access Service account access policy, and update it to meet security policies.
• Review User account properties, and update the Remote Desktop group to meet security policies.
• Remove locked-out, disabled, or expired accounts.
• Ensure that the most restrictive permissions are applied (shares)
• Remove shared folders that are no longer required.
• Verify and ensure that NTFS file system permissions are set appropriately on all shared folders and content in shared folders.
So there is some information I can obtain from here. But if you have ever had any role in security ops as opposed to pen testing, I wondered if you have any input you can share. I am looking at this from a risk assessment perspective, to see if they are doing such tasks, but I was struggling to find anything comprehensive. So any guidance or links to such documentation most welcome. But any sort of essential security operations lists be it daily, weekly, monthly etc would be a great help.