Module 4 Flashcards
Security Hardening
The process of strengthening a system to reduce its vulnerability and attack surface
Attack Surface
All the potential vulnerabilities that a threat actor could exploit
Security Hardening is Conducted on
Hardware
Operating systems
Applications
Computer networks
Databases
Penetration Test
A simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes.
Operating System (OS)
The interface between computer hardware and the user interface
Patch Update
A software and operating system update that addresses security vulnerabilities within a program or product
Baseline Configuration (Baseline Image)
A documented set of specifications within a system that is used as a basis for future builds, releases, and updates
Multi-factor Authentication (MFA)
A security measure which requires a user to verify their identity in two or more ways to access a system or network
Categories of Multi-Factor Identification
Something you know
Something you have
Something unique about you
Network Security Hardening
Port filtering
Network access privilege
Encryption
Tasks performed
Firewall rules maintenance
Network log analysis
Patch updates
Server backups
Network Log Analysis
The process of examining network logs to identify events of interest
Security Information and Event Management tool (SIEMENS)
An application that collects and analyzes log data to monitor critical activities in an organization
Port Filtering
A firewall function that blocks or allows certain port numbers to limit unwanted communication
Cloud Network
A collection of servers or computers that stores resources and data in remote data centers that can be accessed via the Internet
