IPv6
When pen testing networks, I find it humorous the ease it is to use IPv6 exploits. Too many companies have their entire network dual honed, from their external router to user endpoints and servers. Yet, nothing uses it. Therefore, it's rare for IPv6 to be configured correctly or a good security posture maintained.
If you're not using IPv6 for anything... shut it off!
By default, Windows will activate it on your NICs, so you need to go in and ensure it's unchecked.
