With ColdFusion 10, option to have Secure Profile enabled is added at installation time. It is recommended to choose this for production or public facing servers. When selected, this will enforce a lot of security related configurations enabling fewer configurations required by administrator to secure the server.
Read for a complete list of settings added in Secure profile at Secure Profile & ColdFusion 10
Ray has also created a very nice Administrator Extension. The details can be found as Security Profile Admin Extension for ColdFusion 10