19A: Employ Technical Controls Flashcards
3.5 Explain common attacks and vulnerabilities against specialized systems. 4.2 Given a scenario, analyze the findings and recommend the appropriate remediation within a report.
Process of making a host or app configuration secure by reducing its attack surface, through running only necessary services, installing monitoring software to protect against malware and intrusions, and establishing a maintenance schedule to ensure the system is patched to be secure against software exploits.
hardening
This is the process of thoroughly and completely removing data from a storage medium so that file remnants cannot be recovered.
sanitization
Also referred to as encoding, substitutes special characters in HTML markup with representations that are called entities.
escaping
A specific type of remediation; this is the concept of resolving a finding through changing how it is used or implemented.
process-level remediation
Identifying, testing, and deploying OS and application updates. Patches are often classified as critical, security-critical, recommended, and optional.
patch management
The process of periodically generating and implementing new access keys to a server/service.
key rotation
The practice of issuing, updating, and revoking digital certificates.
certificate management
The process of assigning a specific certificate to a particular element to avoid man-in-the-middle-attacks.
certificate pinning
A platform that controls passwords, key pairs and other sensitive information that should be stored securely.
secret management solution
The process of dividing the system infrastructure into different physical or virtual subdivisions.
network segmentation
