Hardening (OBJ .)

(OBJ .)

Hardening

• Process of enhancing system, application, or network security
• Measures
  • Apply security patches, configure access controls, disable unnecessary services
• Purpose
  • Strengthen overall security posture and resilience against cyberattacks

Study Topics

• Default Configurations
  • Definition and identification of default configurations
  • Changing default passwords, open ports, and insecure configurations
• Restricting Applications
  • Application restriction approach
  • Allow listing, blocking unauthorized software
• Disabling Unnecessary Services
  • Identifying unnecessary services
  • Risks and consequences of running unnecessary services
  • Disabling unnecessary services to reduce the attack surface
• Trusted Operating Systems
  • Definition and characteristics of trusted operating systems
  • Rigorous security evaluations and certifications
• Updates and Patches
  • Understanding updates vs. patches
  • Importance of regular software updates
  • Systematic process of patch management
• Group Policies
  • Role of Group Policies in Windows environments
  • Central management and control of user and computer settings
• SELinux (Security-Enhanced Linux)
  • Role and implementation of SELinux
  • Mandatory access controls for enhanced security
• Data Encryption Levels
  • Different levels of data encryption
    • Full-disk
    • Partition
    • File
    • Volume
    • Database
    • Record Level Encryption
• Secure Baselines
  • Definition and purpose of secure baselines
  • Establishing a secure starting point for minimizing security risks