A year ago, I showed how to lock down SharePoint 2007 using the Security Configuration Wizard that was introduced with Windows Server 2003. The last post includes information on how the tool works, but as the Microsoft SharePoint 2010 Administration Toolkit was just released (which includes the Security Configuration Wizard (SCW) manifests for SharePoint 2010 running on Windows Server 2008/R2, I thought I would link to some resources and provide screenshots of the process.
While the documentation discusses how to install the SharePoint Foundation and SharePoint Server manifests, it appears that Project Server 2010 security manifests are included as well:
The Project Server manifests depend upon having the SharePoint Foundation and SharePoint Server manifests installed following the steps here, after which you can register them as follows:
Once you are done, just start up the Security Configuration Wizard by clicking Start –> Run –> scw.exe. Just click through the wizard, choose the appropriate options, and apply the configuration. You will then be all set to go with unnecessary services/ports disabled and firewall/auditing/registry settings configured as locked down.