How to set 'Remote Desktop security level' to 'TLS'

Determines the method used by the server and client for authentication prior to a remote desktop connection being established.

Potential risk

If the authentication level isn't secure enough, an attacker could gain remote access to the machine

Remediation options

Option 1 - Set the following registry value:
HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\SecurityLayer

To the following REG_DWORD value: 2

Option 2 - Set the following Group Policy:
Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Security\Require use of specific security layer for remote (RDP) connections

To the following value: SSL (TLS 1.0)