Hardening Flashcards
Hardening
Process of enhancing the security of a system application or network; Default passwords, unneeded port/protocols, and extra open ports
Least Functionality
Process of configuring a workstation or server with only essential applications and services for the user
Secure Baseline Image
A standardized workstation setup including OS, essential applications and strict policies in corporate network
Allow Listing
Security measure that permits only approved applications to run on the OS
Block Listing
Preventing listed applications from running allowing all others to execute
Trusted Operation Systems
Designed to provide a secure computing environment by enforcing stringent security policies that usually rely on mandatory access controls
Evaluation Assurance Level (EAL)
A framework used to assess and certify the security features of IT products
EAL1
Is the lowest
EAL7
Is the most secure
EAL4
Means this OS was carefully designed, tested, and reviewed offering good security assurance
Hotfix
Software patch that solves security issue and should be applied immediately after tested in a lab environment
Updates
Software modifications
Patches
Specific software updates
Service Pack
Includes all the hotfixes and updates since the release of the OS
Patch Management
The planning, testing, implementing, and auditing software patches
Process of Patch Management
Planning, testing, implementing, auditing
Group Policies
Set of rules or policies that can be applied to a set of users or computer accounts of an OS
Security Template
A group of policies that can be loaded through one procedure
Baselining
Process of measuring changes in the network, hardware, or software environment
Context-Based Permissions
Permission schemes that are defined by various properties for a given file or process; All are evaluated
Contexts For SELinux
User, Role, Type
SE Linux Modes
Disabled, Enforcing, Permissive
SELinux Disabled
SELinux is turned off. MAC is off; Only using DAC
SELinux Enforcing
All features are enabled
