Section 6: Hardening

Question 1

What is the principle of Hardening?

Answer 1

Hardening is the a process to mitigate risk by minimizing vulnerability to reduce exposure to threats.

Question 2

What is the principle of Least Functionality?

Answer 2

Process of configuring workstation or server to only provide the essential applications and services

Question 3

What is a good way to Implement the Least functionality when adding a new device?

Answer 3

Centralized Group Policies
Baseline Images
Microsoft System Center configuration

Question 4

What is System Center Configuration Management?

Answer 4

System Center Configuration Management (SCCM) is a centralized management system for policies and software across the network of devices.

Question 5

What are two ways to restrict application on endpoints in the network?

Answer 5

Whitelist and Blacklist application

Question 6

What is Application Whitelisting?

Answer 6

Application whitelisting is setting up specific application that are allowed to be used and black all others

Question 7

What is Application Blacklisting?

Answer 7

Application blacklisting is restricting specific applications and allowing all others

Question 8

What are Services on a device?

Answer 8

Services are a type of application that runs in the background of the application, preforming various functions

Question 9

How do you open the Services app on Windows?

Answer 9

Run services.msc app

Question 10

How do you stop a service on windows from the command prompt?

Answer 10

> sc stop “service name”
or
net stop “service name”

Question 11

How do you open services on OS X?

Answer 11

Activity monitor

Question 12

How can you stop a service on OS X and Linux?

Answer 12

Terminal

user$ kill pid “pid number”

Question 13

How could you open services on both Linux and OS X?

Answer 13

Because OS X is a linux based, you can use terminal on both of them stop and see services.

user$ top (to see services running)
user$ kill pid “pid number” (to stop service)

Question 14

What is a Trusted Operating System (TOS)?

Answer 14

Trusted Operating System (TOS) is an operating system that meets the requirements set by the government and has multilayered security.

Question 15

List a few Trusted Operating Systems (TOS)?

Answer 15

macOS 10.6+
Windows 7 +
Redhat Enterprise server

Question 16

What is a Patch or Hotfix?

Answer 16

Patch/Hotfix is a single problem-fixing piece of software for an operating system or application

Question 17

What is a Critical Update?

Answer 17

Critical Update is software code for a specific problem adding a critical, non-security bug in software

Question 18

What is a Service Pack?

Answer 18

Service Pack is a tested, cumulative grouping of patches, hot fixes, security updates, critical updates and possibly some features.

Question 19

What is Windows Update?

Answer 19

Windows update is a recommended update to fix a non-critical problem that users have found, as well as to provide additional features and capabilities

Question 20

What is a Driver Update?

Answer 20

Driver update is a device driver update to fix a security issue or add new feature to supported piece of hardware.

Question 21

What is Patch Management?

Answer 21

Patch management is the process of planning, testing, implementing, and auditing of software patches

Question 22

What is Planing in patch management?

Answer 22

Planning is the process of verifying the compatibility with our system and planing for how you will test and deploy the system.

Question 23

What is Testing in patch management?

Answer 23

Testing in patch management is the process of testing a new patch on a small subset of the network endpoints to ensure compatibility and reduce possibly of critical failures across you whole network.

Question 24

What is Implementation in patch management?

Answer 24

Implementation is the process of actually installing the patch into the network endpoints.

Question 25

What is Auditing in patch management?

Answer 25

Auditing is the process of checking the patch system for failures or other problems.

Question 26

What type of system can help with the implementation of patches during the patch management process in large networks?

Answer 26

Centrally located system (Microsoft System center configuration manager) is the best way to push patches out to large networks.

Question 27

What is group policy in relation to networks of endpoints?

Answer 27

Group policy us used to create and manage policies for your network.

Question 28

How do you access group policy in windows environment?

Answer 28

group policy in windows can be accesses with gpedit

Question 29

What is active directory?

Answer 29

active directory is an object based system for managing policies.

Question 30

What is a Security Template in group policy?

Answer 30

A security template is a group of policies that can be loaded through one procedure

Question 31

What it Group Policy Objectives?

Answer 31

Group Policy Object is a group of virtual policies that aid in the hardening of the system

Question 32

What is Baseline in group policy?

Answer 32

Baseline is the process of measuring changes in the network, hardware and software environment.

Question 33

What are the benefits of Baselining systems in the network?

Answer 33

The benefits of Baseling is it helps in establishing what is normal in the organization so you can identify what is abnormal.

Question 34

What is the most secure Windows file system?

Answer 34

New Technology File System (NTFS) is more secure because it support logging, encryption, larger partitions, and larger file size than FAT32

Question 35

What is apples file system?

Answer 35

APFS, Apple protected file system?

Question 36

What is NTFS for windows?

Answer 36

NTFS - New technology file system for windows which is the default file system for windows

Question 37

5 steps to reduce HDD data loss?

Answer 37

1) remove temp files - malware like to run in it
2) periodic file system check
3) Disk defragment
4) Backup of data
5) Use and practice restoration techniques (help check that backups are working)