A standardized workstation setup, including OS, essential applications, and strict policies in corporate networks
Secure Baseline Imaging
A security measure that permits only approved applications to run on an OS
Allowlisting
Entails preventing listed applications from running, allowing all others to execute
Blocklisting
Background applications that operate within the OS, executing a range of tasks
Services
Designed to provide a secure computing environment by enforcing stringent security policies that usually rely on mandatory access controls
TOS
Set of controls that are installed on top of another Linux distribution like CentOS or Red Hat Linux
SELinux (Security-Enhanced Linux)
A software patch that solves a security issue and should be applied immediately after being tested in a lab environment
Hotfix
Provides a system with additional functionality, but it does not usually provide any patching of security-related issues
Update
Includes all the hotfixes and updates since the release of the OS
Service Pack
Planning, testing, implementing, and auditing of software patches
Patch Management
Creating policies, procedures, and systems to track and verify patch compatibility
Planning
Set of rules or policies that can be applied to a set of users or computer accounts within an OS
Group Policies
Permission schemes that are designed by various properties for a given file or process
Context-based Permission
Default context-based permission scheme that’s included inside of CentOS and Red Hat Enterprise Linux
SELinux
Defines what users can access an object
User
Defines what roles can access a given object
Role
Groups objects together that have similar security requirements or characteristics
Type
Used to describe the sensitivity level of a given file, directory, or process
Level
Process of converting data into a secret code to prevent unauthorized access
Data Encryption
Encrypts the entire hard drive to protect all of the data being stored on it
Full Disk Encryption
Similar to full-disk encryption, but it is only applied to a specific partition on the storage device
Partition Encryption
Used to encrypt a set space on the storage medium, creating an encrypted container that can house various files and folders
Volume Encryption
Secure the entire database, extending to multiple storage devices or cloud storage, similar to full-disk encryption
Database Encryption
Used to encrypt individual records or rows within a database
Record-level Encryption