Scenario: You have a public facing web site in SharePoint 2007, and you have added form-based authentication for access to the secure areas of your site.
The problem with SharePoint 2007 is that out of the box behavior assumes access to the application pages (_layouts) for authenticated users. Security trimming will prevent access to pages that users have no access, but not all of the application pages. It would be jolly nice if you could lock down your site and prevent access to all application pages unless you are an super admin. Fortunately there is a nice STSADM command that will perform this action for you:
Turn on lockdown mode for a site collection
stsadm -o activatefeature -url <site collection url> -filename ViewFormPagesLockDownfeature.xml
Turn off lockdown mode for a site collection
stsadm -o deactivatefeature -url <site collection url> -filename ViewFormPagesLockDownfeature.xml
Lockdown mode reduces permissions as follows: