Security

Question 1

Update software/ apps regularly

Answer 1

Application

Question 2

Use separate partitions for users files and system files

Answer 2

File system

Question 3

Manage bash history

Answer 3

file system

Question 4

Update /etc/sysctl.conf with secure configurations when possible

Answer 4

kernel

Question 5

Implement a centralized authentication service like kerberos

Answer 5

network

Question 6

Use encryption for data transfer

Answer 6

network

Question 7

Disable booting from external drives

Answer 7

kernel

Question 8

Implement intrusion detection with AIDE (advanced intrusion detection environment

Answer 8

file system

Question 9

Disable root login

Answer 9

authentication

Question 10

Implement ssh key pairs

Answer 10

authentication

Question 11

Container Encryption

Answer 11

data

Question 12

Cryptograph and key management

Answer 12

cloud data

Question 13

Privileged identity management PIM

Answer 13

IAM Cloud

Question 14

Standard applications
Microservices

Answer 14

app cloud

Question 15

Hypervisors

Answer 15

compute cloud

Question 16

Virtual Switches
Virtual Firewalls

Answer 16

network cloud

Question 17

MFA
Authorization

Answer 17

IAM Cloud

Question 18

Disk Encryption
Partition Encryption

Answer 18

Data

Question 19

Limit user permissions

Answer 19

authentication

Question 20

Implement selinux or app armour

Answer 20

file system

Question 21

Remove unnecessary packages
Disable unnecessary services

Answer 21

application

Question 22

Utilize relevant mount options for security

Answer 22

file system

Question 23

Regularly update kernel patches
Implement kernel module signing

Answer 23

kernel

Question 24

Interact with services systemctl

Answer 24

network

Question 25

Implement a virtual private network

Answer 25

network

Question 26

Implement security best practices for common system services like apache, nginx, php etc

Answer 26

application

Question 27

Set up dedicated users for services

Answer 27

application

Question 28

Enforce strong passwords
Enforce password expiration

Answer 28

authentication

Question 29

Offsite Backups

Answer 29

data

Question 30

File Encryption

Answer 30

file

Question 31

Data and media sanitzation

Answer 31

data cloud

Question 32

Network Security Groups and VPC

Answer 32

network cloud

Question 33

Middleware and Runtime
Inventory Management

Answer 33

compute cloud

Question 34

Containers
Serverless

Answer 34

app cloud

Question 35

OS and Virtual Machines

Answer 35

Compute Cloud

Question 36

APIs

Answer 36

app cloud

Question 37

network perimeter

Answer 37

network cloud

Question 38

Remote backups

Answer 38

data cloud

Question 39

Identity
Authentication

Answer 39

IAM Cloud

Question 40

Data at rest
Data transit/motion

Answer 40

Data cloud

Question 41

Set a grub boot loader password

Answer 41

kernel system

Question 42

Implement an intrusion prevention system IPS

Answer 42

network

Question 43

Implement secure socket layer SSL or Transport layer security TLS when possible

Answer 43

network