Operating System Vulnerabilities
(OBJ 2.3 & 2.5)
Unpatched Systems
- Systems that lack the latest security updates, making them vulnerable
- Attackers exploit known vulnerabilities in unpatched systems
- To mitigate unpatched system vulnerabilities, ensure regular system updates and patches, either automatically or manually
Zero-Day Vulnerabilities
- Zero-days: vulnerabilities that are not yet known to the developers or to attackers
- Security solutions like a host-based intrusion prevention system (HIPS) can help detect and block suspicious activity
- Frequent system and software updates provide additional defense against potential zero-day exploits in the future
Misconfigurations
- Occur when system settings are improperly configured, leaving the system vulnerable to exploitation
- Standardize and automate configuration processes with configuration management tools
- Eliminates human error in a system's configuration
- Conduct periodic audits and reviews to identify and mitigate vulnerabilities due to misconfigurations
Data Exfiltration
- Involves unauthorized data transfers from an organization to an external location
- Someone stealing your data without your awareness
- Protect against data exfiltration with encryption for data at rest and endpoint protection tools
- Endpoint protection tools can monitor and restrict unauthorized data transfers
- Example: a host-based firewall can control the inbound and outbound traffic on a given system to ensure that data isn't leaving the system without authorization
Malicious Updates
- Occur when an attacker has been able to craft a malicious update to a well-known and trusted program in order to compromise the systems of the program's end users
- Appear as legitimate security updates but contain malware or exploits
- Ensure you only source updates from trusted vendors and official channels
- Maintain application allow lists, verify update authenticity with digital signatures and hashes
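Added example (not from the course notes) of the last point, verifying an update's hash and vendor signature before it is applied; the manifest format and the use of Ed25519 are assumptions made for this illustration, and the update bytes are constructed sample data:

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Manifest is a hypothetical file a vendor ships beside an update package:
// the expected SHA-256 of the package and the vendor's signature over that digest.
type Manifest struct {
	SHA256    string // hex-encoded digest of the update bytes
	Signature []byte // Ed25519 signature over the raw digest bytes
}

// SignUpdate is the vendor-side step: hash the package and sign the digest.
func SignUpdate(priv ed25519.PrivateKey, update []byte) Manifest {
	digest := sha256.Sum256(update)
	return Manifest{
		SHA256:    hex.EncodeToString(digest[:]),
		Signature: ed25519.Sign(priv, digest[:]),
	}
}

// VerifyUpdate is the client-side check run before an update is applied.
// It returns nil only if the package matches the manifest hash AND the
// digest carries a valid signature from the pinned vendor public key.
func VerifyUpdate(vendorPub ed25519.PublicKey, m Manifest, update []byte) error {
	digest := sha256.Sum256(update)
	if hex.EncodeToString(digest[:]) != m.SHA256 {
		return errors.New("hash mismatch: update does not match manifest")
	}
	if !ed25519.Verify(vendorPub, digest[:], m.Signature) {
		return errors.New("bad signature: manifest not signed by pinned vendor key")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // stands in for the vendor's key pair
	update := []byte("constructed sample update payload v1.2.3")
	m := SignUpdate(priv, update)
	fmt.Println("genuine update:", VerifyUpdate(pub, m, update))
	tampered := append([]byte("evil "), update...) // constructed tampered package
	fmt.Println("tampered update:", VerifyUpdate(pub, m, tampered))
}
```

A matching hash alone is not enough: an attacker who replaces the package can also replace the manifest, so the signature check against a key pinned on the client is what actually ties the update to the vendor.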