Section 6: Hardening Flashcards
What is the principle of Hardening?
Hardening is the process of mitigating risk by minimizing vulnerabilities to reduce exposure to threats.
What is the principle of Least Functionality?
The process of configuring a workstation or server to provide only the essential applications and services
What is a good way to implement Least Functionality when adding a new device?
Centralized Group Policies
Baseline Images
Microsoft System Center configuration
What is System Center Configuration Management?
System Center Configuration Management (SCCM) is a centralized management system for policies and software across the network of devices.
What are two ways to restrict applications on endpoints in the network?
Application whitelisting and application blacklisting
What is Application Whitelisting?
Application whitelisting is setting up specific applications that are allowed to be used and blocking all others
What is Application Blacklisting?
Application blacklisting is restricting specific applications and allowing all others
What are Services on a device?
Services are a type of application that runs in the background of the application, performing various functions
How do you open the Services app on Windows?
Run services.msc app
How do you stop a service on Windows from the command prompt?
> sc stop "service name"
or
> net stop "service name"
How do you open services on OS X?
Activity monitor
How can you stop a service on OS X and Linux?
Terminal
user$ kill "pid number"
How could you open services on both Linux and OS X?
Because OS X is Linux based, you can use Terminal on both of them to see and stop services.
user$ top (to see services running)
user$ kill "pid number" (to stop service)
What is a Trusted Operating System (TOS)?
Trusted Operating System (TOS) is an operating system that meets the requirements set by the government and has multilayered security.
List a few Trusted Operating Systems (TOS)?
macOS 10.6+
Windows 7 +
Red Hat Enterprise Server
What is a Patch or Hotfix?
Patch/Hotfix is a single problem-fixing piece of software for an operating system or application
What is a Critical Update?
Critical Update is software code for a specific problem addressing a critical, non-security bug in software
What is a Service Pack?
Service Pack is a tested, cumulative grouping of patches, hot fixes, security updates, critical updates and possibly some features.
What is Windows Update?
Windows update is a recommended update to fix a non-critical problem that users have found, as well as to provide additional features and capabilities
What is a Driver Update?
Driver update is a device driver update to fix a security issue or add a new feature to a supported piece of hardware.
What is Patch Management?
Patch management is the process of planning, testing, implementing, and auditing of software patches
What is Planning in patch management?
Planning is the process of verifying compatibility with your systems and planning how you will test and deploy the system.
What is Testing in patch management?
Testing in patch management is the process of testing a new patch on a small subset of the network endpoints to ensure compatibility and reduce the possibility of critical failures across your whole network.
What is Implementation in patch management?
Implementation is the process of actually installing the patch into the network endpoints.
What is Auditing in patch management?
Auditing is the process of checking the patch system for failures or other problems.
What type of system can help with the implementation of patches during the patch management process in large networks?
A centrally located system (Microsoft System Center Configuration Manager) is the best way to push patches out to large networks.
What is group policy in relation to networks of endpoints?
Group policy is used to create and manage policies for your network.
How do you access group policy in a Windows environment?
Group policy in Windows can be accessed with gpedit
What is Active Directory?
Active Directory is an object-based system for managing policies.
What is a Security Template in group policy?
A security template is a group of policies that can be loaded through one procedure
What is a Group Policy Object?
Group Policy Object is a group of virtual policies that aid in the hardening of the system
What is Baseline in group policy?
Baseline is the process of measuring changes in the network, hardware and software environment.
What are the benefits of Baselining systems in the network?
The benefit of baselining is that it helps establish what is normal in the organization so you can identify what is abnormal.
What is the most secure Windows file system?
New Technology File System (NTFS) is more secure because it supports logging, encryption, larger partitions, and larger file sizes than FAT32
What is Apple's file system?
APFS, Apple protected file system?
What is NTFS for Windows?
NTFS - New Technology File System, which is the default file system for Windows
5 steps to reduce HDD data loss?
1) Remove temp files - malware likes to run in them
2) periodic file system check
3) Disk defragment
4) Backup of data
5) Use and practice restoration techniques (help check that backups are working)