Hardening Targets 4.1

Question 1

Hardening

Answer 1

• Protecting the information in the system
• Keeping other services and users off the system to further improve security
• Change the default settings of an operating system

Question 2

Hardening Guides

Answer 2

• Are specific to the software or platform to help maintain security and safety.

Question 3

Hardening of Mobile Devices

Answer 3

• Manufactures provided hardening checklists to secure a personal device.
• Updates provided bug fixes and security patches

Question 4

Mobile Device Manager (MDM)

Answer 4

• Assists in managing a large group of mobile devices
• Monitors these devices and pushes security updates.

Question 5

Hardening of Workstations

Answer 5

• These include user desktops and laptops
• Constant monitoring and updates are performed with patches released on a specific timeframe

Question 6

Hardening of the Networking

Answer 6

• Always change the default credentials
• Can check with manufacturer for security updates

Question 7

Hardening of Cloud Infrastructure

Answer 7

• Secure the cloud management workstation
• Establish least privilege for software and users to have the minimum permission and rights to perform their specific functions

Question 8

Configure Endpoint Detection and Response (EDR)

Answer 8

• Monitor the Cloud for any potential attacks
• Ensure the Cloud is up-to-date with latest antimalware technologies.

Question 9

Cloud to Cloud (C2C)

Answer 9

• Cloud infrastructures are prone to outages
• Backing up the Cloud to another Cloud based service.

Question 10

Supervisory Control and Data Acquisition System (SCADA)

Answer 10

• Used for large-scale/multi-site Industrial Control Systems (ICS)
• PC manages equipment such as the ICS
• Separated from other systems on the network by an air gap and has limited access

Question 11

Embedded Systems

Answer 11

• Hardware and software designed for a specific function or to operate as part of a larger system.
• Typically seen within devices such as smart watches

Question 12

Considerations for Embedded Systems

Answer 12

• Can be difficult to upgrade
• If a security patch becomes available, this must installed as soon as possible to remove potential threats

Question 13

Addressing Security Issues for Embedded Systems

Answer 13

• Consider placing the embedded system in a separate system with a firewall
• Prevents access from unauthorized users

Question 14

Real Time Operating System (RTOS)

Answer 14

• An operating system with a deterministic processing schedule or a set schedule for each process to occur.

Question 15

Consideration for RTOS

Answer 15

• This system should be isolated to prevent access from other systems.
• Run with minimum services to prevent potential exploits
• Use secure communication

Question 16

Internet of Things (IoT) Devices

Answer 16

• Devices that manage systems using automation such as wearable technology, home automation, etc.,

Question 17

Security Considerations for IoT

Answer 17

• Weak defaults as manufacturers are not security experts
• Security patches must be placed at the highest priority and should be deployed as soon as possible
• Devices should be placed on their own network using VLAN