Hradening WMI: Any security benefit to changing Impersonation level?


Does changing the Default Impersonation Level in Windows machines to 2 or 1 help mitigate against WMI exploitation?

wbemImpersonationLevelAnonymous 1     Moniker: Anonymous Hides the credentials of the caller. Calls to WMI may fail with this impersonation level. wbemImpersonationLevelIdentify 2     Moniker: Identify Allows objects to query the credentials of the caller. Calls to WMI may fail with this impersonation level. wbemImpersonationLevelImpersonate 3     Moniker: Impersonate Allows objects to use the credentials of the caller. This is the recommended impersonation level for Scripting API for WMI calls. wbemImpersonationLevelDelegate 4     Moniker: Delegate Allows objects to permit other objects to use the credentials of the caller. This impersonation will work with Scripting API for WMI calls but may constitute an unnecessary security risk.