diff --git a/setup.py b/setup.py
index e56ef4a..2994711 100644
--- a/setup.py
+++ b/setup.py
@@ -101,6 +101,127 @@ def install():
     #run("")
     #CIS-15550 - Ensure 'Network access: Restrict anonymous access to Named Pipes and Shares' is set to 'Enabled'.
     registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Services\LanManServer\Parameters", "RestrictNullSessAccess","1")
+    #CIS-15551 - 
+    #run("")
+    #CIS-15552 - 
+    #run("")
+    #CIS-15553 - Ensure 'Network access: Sharing and security model for local accounts' is set to 'Classic'.
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Lsa", "ForceGuest","0")
+    #CIS - Ensure 'Network security: Allow Local System to use computer identity for NTLM' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Lsa", "UseMachineId","1")
+    #CIS - Ensure 'Network security: Allow LocalSystem NULL session fallback' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Lsa\MSV1_0", "allownullsessionfallback","0")
+    #CIS - Ensure 'Network Security: Allow PKU2U authentication requests to this computer to use online identities' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Lsa\pku2u", "AllowOnlineID","0")
+    #CIS - Ensure 'Network security: Do not store LAN Manager hash value on next password change' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Lsa", "NoLMHash","1")
+    #CIS - Ensure 'Network security: Force logoff when logon hours expire' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\LanManServer\Parameters", "EnableForcedLogOff","1")
+    #CIS - Ensure 'Network security: LAN Manager authentication level' is set to 'Send NTLMv2 response only. Refuse LM & NTLM'.
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Lsa", "LmCompatibilityLevel","5")
+    #CIS - Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) clients' is set to
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Lsa\MSV1_0", "NTLMMinClientSec","537395200")
+    #CIS - Ensure 'Network security: Minimum session security for NTLM SSP based (including secure RPC) servers' is set to
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Lsa\MSV1_0", "NTLMMinServerSec","537395200")
+    #CIS - Ensure 'System objects: Require case insensitivity for non-Windows subsystems' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Session Manager\Kernel", "ObCaseInsensitive","1")
+    #CIS - Ensure 'System objects: Strengthen default permissions of internal system objects (e.g. Symbolic Links)' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"System\CurrentControlSet\Control\Session Manager", "ProtectionMode","1")
+    #CIS - Ensure 'User Account Control: Admin Approval Mode for the Built-in Administrator account' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "FilterAdministratorToken","1")
+    #CIS - Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation
+    registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "ConsentPromptBehaviorUser","0")
+    #CIS - Ensure 'User Account Control: Behavior of the elevation prompt for standard users' is set to 'Automatically deny elevation
+    registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableInstallerDetection","1")
+    #CIS - 	Ensure 'User Account Control: Only elevate UIAccess applications that are installed in secure locations' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableSecureUIAPaths","1")
+    #CIS - 	Ensure 'User Account Control: Run all administrators in Admin Approval Mode' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableLUA","1")
+    #CIS - 	Ensure 'User Account Control: Switch to the secure desktop when prompting for elevation' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "PromptOnSecureDesktop","1")
+    #CIS - 	Ensure 'User Account Control: Virtualize file and registry write failures to per-user locations' is set to 'Enabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"Software\Microsoft\Windows\CurrentVersion\Policies\System", "EnableVirtualization","1")
+    #CIS - 	Ensure 'Bluetooth Audio Gateway Service (BTAGService)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\BTAGService", "Start","4")
+    #CIS - 	Ensure 'Bluetooth Support Service (bthserv)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\bthserv", "Start","4")
+    #CIS - 	Ensure 'Downloaded Maps Manager (MapsBroker)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\MapsBroker", "Start","4")
+    #CIS - 	Ensure 'Geolocation Service (lfsvc)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\lfsvc", "Start","4")
+    #CIS - 	Ensure 'IIS Admin Service (IISADMIN)' is set to 'Disabled' or 'Not Installed'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\IISADMIN", "Start","4")
+    #CIS - 	Ensure 'Infrared monitor service (irmon)' is set to 'Disabled' or 'Not Installed'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\irmon", "Start","4")
+    #CIS - 	Ensure 'Internet Connection Sharing (ICS) (SharedAccess)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\SharedAccess", "Start","4")
+    #CIS - 	Ensure 'Link-Layer Topology Discovery Mapper (lltdsvc)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\lltdsvc", "Start","4")
+    #CIS - 	Ensure 'LxssManager (LxssManager)' is set to 'Disabled' or 'Not Installed'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\LxssManager", "Start","4")
+    #CIS - Ensure 'Microsoft iSCSI Initiator Service (MSiSCSI)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\MSiSCSI", "Start","4")
+    #CIS - 	Ensure 'Microsoft FTP Service (FTPSVC)' is set to 'Disabled' or 'Not Installed'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\FTPSVC", "Start","4")
+    #CIS - 	Ensure 'OpenSSH SSH Server (sshd)' is set to 'Disabled' or 'Not Installed'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\sshd", "Start","4")
+    #CIS - 	Ensure 'Peer Name Resolution Protocol (PNRPsvc)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\PNRPsvc", "Start","4")
+    #CIS - Ensure 'Peer Networking Grouping (p2psvc)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\p2psvc", "Start","4")
+    #CIS - Ensure 'Peer Networking Identity Manager (p2pimsvc)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\p2pimsvc", "Start","4")
+
+    #CIS - Ensure 'PNRP Machine Name Publication Service (PNRPAutoReg)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\PNRPAutoReg", "Start","4")
+    #CIS - Ensure 'Print Spooler (Spooler)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\Spooler", "Start","4")
+    #CIS - Ensure 'Problem Reports and Solutions Control Panel Support (wercplsupport)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\wercplsupport", "Start","4")
+    #CIS - Ensure 'Remote Access Auto Connection Manager (RasAuto)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\RasAuto", "Start","4")
+    #CIS - Ensure 'Remote Desktop Configuration (SessionEnv)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\SessionEnv", "Start","4")
+
+    #CIS - Ensure 'Remote Desktop Services (TermService)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\TermService", "Start","4")
+    #CIS - Ensure 'Remote Desktop Services UserMode Port Redirector (UmRdpService)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\UmRdpService", "Start","4")
+    #CIS - Ensure 'Remote Procedure Call (RPC) Locator (RpcLocator)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\RpcLocator", "Start","4")
+    #CIS - Ensure 'Remote Registry (RemoteRegistry)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\RemoteRegistry", "Start","4")
+    #CIS - 	Ensure 'Routing and Remote Access (RemoteAccess)' is set to 'Disabled'.
+    registry_set(HKEY_LOCAL_MACHINE, r"SYSTEM\CurrentControlSet\Services\RemoteAccess", "Start","4")
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+    
+
+
+