Settings for maximum security?

NIS 2010 sets up briiliantly out-of-the-box but I’m reading posts on Wilders etc that have people changing defaults for better security.  Can somebody from the community or a Symantec employee give some tips on this as the only negative comments I’m reading are how daunting all the myriad settings are, and I agree.  Thank you in anticipation and thank you Symantec for the latest iteration of NIS.