Wednesday, July 19, 2017

Hardening

Hardening is the process of locking down a system to make it secure. This can be done by removing any unneeded software, stopping any unneeded services, ensuring all patches are up to date, and, last but not least, checking all user accounts for security. Windows Servers utilize hardening to enhance security within the operating system.

There are three ways to harden an operating system. The first is stopping any unnecessary services. The second is uninstalling unneeded software from the system. The third is ensuring every patch is up to date the moment it becomes available.
User account control (UAC) is extremely critical to any computer and network security system. The usage of UAC is crucial to the hardening process of any operating system. If proper UAC is not enforced, then the network is not nearly as secure as you would hope. It does not take much extra time to enforce the correct policies and procedures for managing UAC. The three best practices when managing user accounts are disabling accounts that are not needed, requiring strong passwords that meet company policy, and giving each account the fewest privileges possible.
Any account that is not in use could open a door to hackers; even with minimal access they can cause harm. Employees who are no longer with the company, whether they were permanent or temporary, need their accounts disabled immediately after they walk out the door. Do not forget to disable the default guest accounts that most operating systems come with.
Setting up a policy to enforce strong passwords across the network may be a bit time-consuming, but it is well worth the time spent. End users will try to leave notes around their desks to remind themselves what their passwords are, which is definitely forbidden. They will also try to set passwords that are extremely easy to remember, which means they are easy to hack, such as qwerty12345.
A temporary employee does not need full access to every file and server on the network, so it is best to place them in a group with minimal access. Permanent employees who handle specific files in accounting can be placed in a group specifically for accountants. Network administrators should have two accounts. One is a basic all-access account with little to no administrator rights. The other should have full admin rights across the network so that they are able to support and fix any issues that may appear. These users should only use the full admin account when needed.
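
One way to check local accounts against the three practices above, as an added PowerShell example that is not part of the original post. The function name, the 90-day staleness threshold and the sample accounts are assumptions; it covers local accounts only, not domain accounts.

```powershell
# Added example; the threshold and sample accounts are assumptions, not from the post.
function Test-AccountHardening {
    param(
        [Parameter(Mandatory)] [object[]] $Accounts,  # Name, SID, Enabled, LastLogon, PasswordRequired
        [string[]] $AdminSids = @(),                  # SIDs that hold local administrator rights
        [int] $StaleDays = 90,                        # assumed "not in use" threshold
        [datetime] $Now = (Get-Date)
    )
    foreach ($a in $Accounts) {
        if (-not $a.Enabled) { continue }             # disabled accounts already meet the first practice
        $sid = "$($a.SID)"
        $findings = @()
        # The built-in Guest account always has RID 501, even if it was renamed
        if ($sid -like 'S-1-5-21-*-501') { $findings += 'default Guest account is enabled' }
        if ($null -eq $a.LastLogon) {
            $findings += 'enabled but never logged on'
        } elseif (($Now - $a.LastLogon).TotalDays -gt $StaleDays) {
            $findings += "no logon for more than $StaleDays days"
        }
        if (-not $a.PasswordRequired) { $findings += 'password not required' }
        if ($AdminSids -contains $sid) { $findings += 'has administrator rights, use only when needed' }
        if ($findings.Count -gt 0) {
            [pscustomobject]@{ Account = $a.Name; Findings = $findings -join '; ' }
        }
    }
}

# Constructed sample inventory (not real accounts)
$now = [datetime]'2017-07-19'
$p   = 'S-1-5-21-1111111111-2222222222-3333333333'
$sample = @(
    [pscustomobject]@{ Name='Guest';           SID="${p}-501";  Enabled=$true;  LastLogon=$null;              PasswordRequired=$false }
    [pscustomobject]@{ Name='temp.contractor'; SID="${p}-1105"; Enabled=$true;  LastLogon=$now.AddDays(-200); PasswordRequired=$true }
    [pscustomobject]@{ Name='jsmith';          SID="${p}-1106"; Enabled=$true;  LastLogon=$now.AddDays(-2);   PasswordRequired=$true }
    [pscustomobject]@{ Name='jsmith.admin';    SID="${p}-1107"; Enabled=$true;  LastLogon=$now.AddDays(-5);   PasswordRequired=$true }
    [pscustomobject]@{ Name='former.employee'; SID="${p}-1108"; Enabled=$false; LastLogon=$now.AddDays(-400); PasswordRequired=$true }
)
Test-AccountHardening -Accounts $sample -AdminSids "${p}-1107" -Now $now | Format-Table -AutoSize -Wrap

# On a live server (Windows PowerShell 5.1 or later), feed it the real local accounts.
# 'Administrators' is the group's English name and differs on localized systems.
# $admins = (Get-LocalGroupMember -Group 'Administrators').SID.Value
# Test-AccountHardening -Accounts (Get-LocalUser) -AdminSids $admins
```
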
When creating a remediation policy for a company, I would take many factors into consideration, such as whether the threat is minor, serious, or critical. The classification of the recently established vulnerability would alter the remediation plan implemented. For example, if the vulnerability consisted of a system that was not updated recently and required a patch, we would test the newly released patch and then apply it if necessary. Afterwards, we would ensure the automation for patches and updates was set up properly to guarantee this vulnerability does not appear again. If the network infrastructure is too complicated for the team to secure, then simplifying the environment could be beneficial.


The Microsoft Baseline Security Analyzer (MBSA) is a nifty tool that any network administrator can use to test their security state, as long as they are running on a compatible system. This tool can help find and detect problems within the configuration and any software updates. MBSA uses ports 138 and 139 to perform the necessary vulnerability scans. It requires administrator privileges on all computers involved in the scan.


