Secure Operating Environments - OS Hardening Flashcards Preview

HCISSP ISC2 > Secure Operating Environments - OS Hardening > Flashcards

Flashcards in Secure Operating Environments - OS Hardening Deck (8)
Loading flashcards...
1
Q

what are the top four strategies to prevent cyber intrusions ?

A
  • White-list approved applications
  • Patch third-party applications and OS vulnerabilities
  • Restrict administrative privileges
  • Create a defense-in-depth system
2
Q

What is a secure Base OS ?

A
  • Installed and patched
  • Hardened and correctly configured
  • Test security of basic OS to ensure that steps taken adequately address its security needs
3
Q

How can we harden an OS ?

A
  • Removing unnecessary services, applications, protocols
  • Configuring users, groups, and permissions
  • Configuring resource controls
4
Q

What are additional security controls that can be added to harden an OS ?

A

antivirus, host-based firewalls, and intrusion detection system (IDS)

5
Q

Why do we need to configure our OS ?

A

Default configuration might not be secure:
- Default configuration set to maximize ease of use and
functionality rather than security
- Additional packages can later be installed if required

6
Q

Why do we need an System planning process for our OS ?

A

System planning process should identify what is required for a given system. -> less Software on the machine -> less risk

7
Q

How should we restrict elevated privileges ?

A

Elevated privileges should be restricted to those users that require them, and only when needed to perform a task

8
Q

What should we consider in the System planning process concerning users, groups and permissions ?

A
  • Categories of users on the system
  • Privileges they have
  • Types of information they can access
  • How and where access control configuration is set

Decks in HCISSP ISC2 Class (56):