Hardening Flashcards
Hardening
Act of configuring an operating system securely by updating it, creating rules and policies to govern it, and removing unnecessary applications and services. Mitigates risk by minimizing vulnerabilities to reduce exposure to threats.
Unnecessary Applications
Work from least functionality needed, providing only essential applications and services.
Personal computers often accumulate unnecessary programs over time.
Utilize a secure baseline image when adding new computers.
Microsoft Endpoint Configuration Manager (MECM)
Provides remote control, patch management, software distribution, operating system deployment, network access protection, and hardware and software inventory.
Restricting Applications
Whitelist - Only applications that are on the list are allowed to be run by the operating system while all other applications are blocked.
Blacklist - Any application placed on the list will be prevented from running while all others will be permitted to run.
Trusted Operating Systems
An operating system that meets the requirements set forth by government and has multilevel security.
Windows 7 and newer
Mac OS X 10.6 and newer
FreeBSD (TrustedBSD)
Red Hat Enterprise Server
Patches and Hotfixes
A single problem-fixing piece of software for an operating system or application.
Patches and hotfixes are now used interchangeably by most manufacturers.
Categories of Updates
Security Update - Code for a product-specific security-related vulnerability.
Critical Update - Code for a specific problem addressing a critical, non-security bug in the software.
Service Pack - A tested, cumulative grouping of patches, hotfixes, security updates, critical updates, and possibly some feature or design changes.
Windows Update - Recommended update to fix a noncritical problem that users have found, as well as to provide additional features and capabilities.
Driver Update - Updated device driver to fix a security issue or add a feature to a supported piece of hardware.