WK4 Security Hardening Flashcards

1
Q

Security Hardening

A

Security hardening is the process of strengthening a system to reduce its vulnerability and attack surface

Let’s use an example that compares a network to a house. The attack surface would be all the doors and windows that a robber could use to gain access to that house. Just like putting locks on all the doors and windows in the house, security hardening involves minimizing the attack surface or potential vulnerabilities and keeping a network as secure as possible.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Attack Surface

A

All the potential vulnerabilities that a threat actor could exploit are referred to as a system’s attack surface.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Where can Security Hardening be conducted

A

Security hardening can be conducted on any device or system that can be compromised, such as hardware, operating systems, applications, computer networks, and databases. Physical security is also a part of security hardening. This may include securing a physical space with security cameras and security guards.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Some common types of Hardening procedures

A

Some common types of hardening procedures include software updates, also called patches, and device application configuration changes. These updates and changes are done to increase security and fix security vulnerabilities on a network.

An example of a security configuration change would be requiring longer passwords or more frequent password changes. This makes it harder for a malicious actor to gain login credentials.

An example of a configuration check is updating the encryption standards for data that is stored in a database. Keeping encryption up to date makes it harder for malicious actors to access the database.

Other examples of security hardening include removing or disabling unused applications and services, disabling unused ports, and reducing access permissions across devices and network. Minimising the number of applications, devices, ports, and access permissions makes network and device monitoring more efficient and reduces the overall attack surface, which is one of the best ways to secure an organisation.

Another important strategy for security hardening is to conduct regular penetration testing. A penetration test, also called a pen test, is a simulated attack that helps identify vulnerabilities in a system, network, website, application, and process. Penetration testers document their findings in a report. Depending on where the test fails, security teams can determine the type of security vulnerabilities that require fixing. Organisations can then review these vulnerabilities and come up with a plan to fix them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly