HARDENING STRATEGIES
What hardening guidelines or standards are you familiar with?
Updates and patches
In this strategy, users download updates that add to the software’s existing features. Patches help keep the OS stable and secure. Keeping the system updated hardens it, making it better able to withstand different technological attacks (Shin et al. 2014).
Default passwords
These are assigned by the developer to a program or a hardware device and should be changed to a password that only the operator would know, which helps harden the system.
What steps have you taken to harden systems?
Program clean-up- this involves removing programs that are not necessary.
Using service packs- this is through installing the latest versions.
Patches and patch management- making sure that the OS and individual programs on client computers are patched regularly.
Group policies- defining what groups can or cannot access, and maintaining those rules.
Using security templates- loading a group of policies in one procedure.
Baselining- measuring changes occurring in software, networking, and hardware.
What function does each of the strategies discussed serve?
Group policies help prevent user error that can result in a cyberattack.
Program clean-up limits the entry points available to attackers.
Baselining helps in maintaining security and meeting the needs of the clients.
Keeping the OS up to date helps eliminate weak points that increase susceptibility to attack and exploitation (Giuffrida et al. 2012).
Patches help protect the operating system from attacks that exploit vulnerabilities.
Service packs ensure that the operating system is robust and secure.
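The sketch below is an added example, not part of the original essay, showing how baselining, program clean-up and patching fit together: a host's software inventory is compared with an approved baseline and each difference is mapped to the action it calls for. The package names, versions and the "name version" line format are constructed for illustration.

```python
"""Compare a host's installed-software inventory against an approved baseline."""

# Constructed sample data: approved programs and their minimum patched version.
BASELINE = """\
openssh-server 9.6
nginx 1.24.0
python3 3.11.2
"""

# Constructed sample inventory collected from one host.
INVENTORY = """\
openssh-server 9.6
nginx 1.18.0
python3 3.11.10
telnetd 0.17
"""


def parse(text):
    """Parse 'name version' lines into {name: version}; skip blanks and comments."""
    items = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, version = line.split(None, 1)
        items[name] = version
    return items


def vkey(version):
    """Turn '1.24.0' into (1, 24, 0) so that 3.11.10 sorts above 3.11.2.
    Non-numeric parts count as 0 (a simplification for this example)."""
    return tuple(int(p) if p.isdigit() else 0 for p in version.split("."))


def compare_to_baseline(baseline, current):
    """Return drift from the baseline, grouped by the action it calls for."""
    report = {"remove": [], "patch": [], "missing": []}
    for name, version in sorted(current.items()):
        if name not in baseline:
            report["remove"].append(name)  # program clean-up candidate
        elif vkey(version) < vkey(baseline[name]):
            report["patch"].append((name, version, baseline[name]))
    report["missing"] = sorted(set(baseline) - set(current))
    return report


if __name__ == "__main__":
    result = compare_to_baseline(parse(BASELINE), parse(INVENTORY))
    for action, items in result.items():
        print(action, items)
```

Comparing versions as plain strings would wrongly rank 3.11.10 below 3.11.2, which is why the versions are split into numeric tuples first.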
Task 2
What are the practical responses to a security breach?
Effective responses to a security breach begin with being prepared for the breach before it occurs. When a security breach occurs, having a checklist lets those handling the incident know the steps to take without wasting time figuring out what should be done.
Upon the occurrence of a security breach, the IT team’s quick reaction is vital for an effective response. They must secure all critical devices on the network. Immediate isolation of compromised devices is necessary (Chahal, 2012). The team ought to give users instructions through email on the steps to take to ensure the incident is effectively taken care of.
Which actions would you recommend for each phase?
Preparation- There should be proper documentation of the response plan, and the roles and responsibilities of every person should be thoroughly explained.
Identification- determining whether a security breach has occurred.
Containment- containing the breach once it occurs so that it does not spread and cause further damage to the business.
Eradication- the root cause of the breach should be identified and eliminated.
Recovery- restoring the systems and devices that have been affected and returning them to the business.
Lessons learned- an after-action meeting should be held with the members of the incident response team to discuss the lessons learned from the breach (Gordon et al. 2011).
References
Chahal, V. (2012). U.S. Patent No. 8,245,289. Washington, DC: U.S. Patent and Trademark Office.
Giuffrida, C., Kuijsten, A., & Tanenbaum, A. S. (2012). Enhanced operating system security through efficient and fine-grained address space randomization. In Presented as part of the 21st USENIX Security Symposium (USENIX Security 12) (pp. 475-490).
Gordon, L. A., Loeb, M. P., & Zhou, L. (2011). The impact of information security breaches: Has there been a downward shift in costs?. Journal of Computer Security, 19(1), 33-56.
Shin, S., Song, Y., Lee, T., Lee, S., Chung, J., Porras, P., … & Kang, B. B. (2014, November). Rosemary: A robust, secure, and high-performance network operating system. In Proceedings of the 2014 ACM SIGSAC conference on computer and communications security (pp. 78-89).