What is the process of hardening in cybersecurity?
Enhancing system, application, or network security
Measures include applying security patches, configuring access controls, and disabling unnecessary services.
List the measures involved in the hardening process.
- Apply security patches
- Configure access controls
- Disable unnecessary services
These measures aim to strengthen overall security posture and resilience against cyberattacks.
What are default configurations?
Preset settings that come with a system or application
Changing default passwords, open ports, and insecure configurations is crucial for security.
What is the purpose of restricting applications?
To control which applications can run on a workstation
This includes application allowlisting and blocklisting.
What are the risks of running unnecessary services?
Increased attack surface and potential vulnerabilities
Disabling unnecessary services helps reduce these risks.
Define trusted operating systems.
Operating systems designed to provide a secure computing environment
They enforce stringent security policies and often rely on mandatory access controls.
What is the Evaluation Assurance Level (EAL)?
A predefined security standard and certification for evaluating security controls
EAL 1 is the lowest level, while EAL 7 is the highest.
What is the difference between updates and patches?
- Updates: Additional functionality, may introduce vulnerabilities
- Patches: Fix security issues, should be applied immediately
Effective patch management is crucial for maintaining security.
What is patch management?
Planning, testing, implementing, and auditing of software patches
It is important for compliance and security.
What is the four-step process of patch management?
- Planning
- Testing
- Implementing
- Auditing
Each step is crucial for effective patch management.
What are Group Policies in Windows environments?
A set of rules and policies applied to users or computer accounts
They help manage user and computer settings centrally.
What is the purpose of secure baselines?
To establish a secure starting point for minimizing security risks
Secure baselines help in maintaining consistent security configurations.
What is SELinux?
A security mechanism that provides an additional layer of security for Linux distributions
It enforces Mandatory Access Control (MAC).
What are the three main contexts in SELinux?
- User Context
- Role Context
- Type Context
These contexts help in fine-grained access control.
What are the modes of SELinux?
- Disabled Mode
- Enforcing Mode
- Permissive Mode
Each mode determines how SELinux policies are applied.
What is the difference between allowlisting and blocklisting?
- Allowlisting: Only approved applications can run
- Blocklisting: All applications can run except those explicitly denied
Allowlisting is generally more secure than blocklisting.
What is the role of Group Policy Editor?
To create and manage policies within a Windows environment
Access it by entering ‘gpedit’ in the run prompt.
What is data encryption?
The process of converting data into a secret code to prevent unauthorized access
Different levels of data encryption exist, including full-disk and file encryption.
What does SELinux capture in an audit log?
Violation messages
Violations occur when unauthorized access is attempted or actions contradict existing policies.
What is required for initial SELinux setup to avoid false violations?
Policy tweaking and fine-tuning
Strong security depends on creating effective restricted profiles and hardening applications.
Define Data Encryption.
Process of converting data into a secret code to prevent unauthorized access
Data encryption is crucial for protecting sensitive information.
What are the levels of data encryption?
- Full-disk
- Partition
- Volume
- File-level
- Database
- Record
Each level serves different purposes in securing data.
What does full-disk encryption do?
Encrypts the entire hard drive
This protects all data stored on the drive.
What is the purpose of VeraCrypt?
Selectively encrypts partitions
It allows for encryption of sensitive documents while leaving the OS partition unencrypted.
-
Fundamentals of Security46
-
Threat Actors22
-
Physical Security19
-
Social Engineering17
-
Malware19
-
Data Protection18
-
Cryptographic Solutions53
-
Risk Management17
-
Third-party Vendor Risks17
-
Governance and Compliance19
-
Asset and Change Management27
-
Audits and Assessments26
-
Cyber Resilience and Redundancy38
-
Security Architecture34
-
Security Infrastructure39
-
Identity and Access Management (IAM) Solutions56
-
Vulnerabilities and Attacks47
-
Malicious Activity38
-
Hardening32
-
Security Techniques37
-
Vulnerability Management31
-
Alerting and Monitoring32
-
Incident Response28
-
Investigating an Incident16
-
Automation and Orchestration28
-
Security Awareness27
