IC34 With 100% COMPREHENSIVE QUESTIONS AND ANSWERS GRADED A+
Terms in this set (110)
The process of securing a system by reducing its attack surface
Reducing available vectors of attack typically includes:
What is System Hardening? Removal of unnecessary software Removal of unnecessary user accounts Strong access
controls (e.g. multifactor authentication)
Disabling or removal of unnecessary services
Installing security patches
Nearly anything that is configurable! Operating Systems
Databases
Applications
Managed switches
What Types of Systems or Devices Can Be
Routers firewalls
Hardened?
Communication gateways Modems .
PLCs, RTUs
IEDs
VFDs
IC34
1/18
,10/17/24, 5:35 AM
NIST SP 800-123 "Guide to General Server Security" .
Microsoft Security Guides
Center for Internet Security's (CIS) Security Benchmarks
Defense Information Systems Agency's "Security Technical Implementation Guides" (DISA
STIGs)
OS Hardening Guidance Security Guides from Automation Suppliers
Yokogawa
Emerson -
Honeywel
Siemens -
others
Patch and update the OS/
Remove or disable unnecessary services, applications, and network protocols
Configure OS user authentication . Configure access controls appropriately Install and
Basic Steps to Secure an Operating System
configure additional security
controls
Test the security of the OS
Games
Device drivers for hardware not included
Messaging services
Servers or clients for unused internet or remote access services
Software compilers (except from non-production, development machines) Software compilers
Examples of Unnecessary Software/Services
for unused languages
Unused protocols and services .
Unused administrative utilities, diagnostics, management and system management functions .
Test and sample programs or scripts . Unused productivity suites and word processing utilities
Unlicensed tools and shareware Universal Plug and Play services
IC34
2/18
, 10/17/24, 5:35 AM
Recommended technical control rules/values for hardening operating systems, middleware
and software applications, and network devices;
Accepted by government, business, professionals worldwide .
Downloaded several hunsreds thoudand times per year
CIS Security Configuration Distributed free of charge by CIS in .PDF format
Also available in XCCDF, a machine readable XML format
Used by thousands of enterprises as a basis for security configuration policies and the de facto
standard for IT configuratiob best practices.
https://www.cisecurity.org/
Windows Benchmarks Linux Benchmarks Windows Server 2000Amazon Linux Windows Server
2003CentOS Linux . Windows Server 2008Debian Linux Windows Server 2012Oracle Linux
Center for Internet Security (CIS)
Windows 7 . Red Hat Linux Windows 8 Slackware Linux WindowS NT . SuSE Linux Windows XP .
Ubuntu Linux
Provides prescriptive guidance for establishing a secure configuration posture for Microsoft
Windows 7
Details approximately 250 recommended settings for local group policies
For each policy
Description -
CIS Microsoft Windows 7 Benchmark
Rationale Audit -
Remediation -
Impact Default Value -
References
Extremely difficult and time consuming to manage settings
Numerous tools available to automate management settings on one more computers
Examples
Automating Windows Policy Management
Active Directory -
Microsoft Security Compliance Manager (SCM)
DISA STIGs
IC34
3/18
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Queenstin. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $10.99. You're not tied to anything after your purchase.