Chapter - 20 - Hardening Flashcards

1
Q

What are a few ways to perform system hardening?

A
  1. Changing default configurations - i.e. changing default username/passwords.
  2. Creating a secure base of systems
  3. Closing unneeded ports
  4. Removing unneeded applications and services
  5. Creating an allow-list of applications that we can install on our system.
2
Q

How can we open the Services utility on a Windows system?

A

By running services.msc

3
Q

What command can we use to stop a service in Linux?

A

sc stop wuauserv

or

net stop wuauserv

4
Q

What are Trusted Operating Systems?

A

These are operating systems that implement very strict or secure access control policies. An example of such an OS is SELinux, which implements access policies using MAC (Mandatory Access Control).

5
Q

What metric do we use to rate Trusted Operating systems?

A

EAL value - EAL stands for Evaluation Assurance Level. It goes from 1 to 7.

Most Linux and Windows operating systems use EAL4 or EAL4+.

6
Q

Give me an example of an element of a Trusted Operating System in Android devices.

A

Use of Sandboxing.

7
Q

What is Patch Management?

A

It is the process of planning, testing, implementing and auditing software patches.

Patches can be deployed in rings - Ring1, Ring2, Ring3

8
Q

Give me an example of patch management software that we can use in a Windows environment.

A

Microsoft Endpoint Configuration Manager

9
Q

What are group policies?

A

Group policies are the set of rules and policies/configurations that we can deploy on a system or to a group of systems or users, usually from a central point (such as Active Directory).

To access the group policy tool in the Windows operating system, we can use the gpedit tool.

Examples of a few group policies:
- Password requirements
- Account lockout policies
- Software Restriction
- etc.

10
Q

What is SELinux?

A

SELinux is a trusted operating system, and it uses MAC to implement access control policies on the OS.

SELinux is used to enforce MAC on processes and resources and to enable information to be classified and protected.

SELinux defines 3 main contexts for each file and process:
- User
- Role
- Type - It groups together objects that have similar security requirements or characteristics.
- Level - It is used to describe the sensitivity level of a file, directory or process.

11
Q

What are the 3 different modes that we can run SELinux in?

A
  1. Disabled mode
  2. Enforcing mode
  3. Permissive mode
12
Q

What are the different data encryption levels?

A
  1. Full Encryption
  2. Partition Encryption
  3. Volume Encryption
  4. Database Encryption
  5. Record Encryption
  6. File Encryption