Ideally, hardening means locking down the system so that it is secure. This can be done by removing any unneeded software, stopping any unneeded services, ensuring all patches are up to date, and, last but not least, checking all user accounts for security. Windows Servers utilize hardening to enhance security within the operating system.

An operating system can be hardened in three ways: stopping any unnecessary services, uninstalling unneeded software from the system, and ensuring every patch is up to date the moment it becomes available.

User account control (UAC) is extremely critical to any computer and network security system, and its use is crucial to the hardening process of any operating system. If proper UAC is not enforced, then the network is not nearly as secure as you would hope. It does not take much extra time to enforce the correct policies and procedures for managing UAC. The three best practices when managing user accounts are disabling accounts that are not needed, requiring strong passwords that meet company policy, and giving each account the least amount of privileges possible.

Any account that is not in use could open a door to hackers; even with minimal access they can cause harm. Employees who are no longer with the company, whether they were permanent or temporary, need their accounts disabled immediately after they walk out the door. Do not forget to disable the default guest accounts that most operating systems come with.

Setting up a policy to enforce strong passwords across the network may be a bit time consuming, but it is well worth the time spent. End users will try to leave notes around their desks to remind themselves what their passwords are, which is definitely forbidden. They will also try to set passwords that are extremely easy to remember, which means they are easy to hack, such as qwerty12345.

A temporary employee does not need full access to every file and server on the network, so it is best to place them in a group with minimal access. Permanent employees who handle specific files in accounting can be placed in a group specifically for accountants. Network administrators should have two accounts. One is a basic all-access account with little to no administrator rights. The other should have full admin rights across the network so that they are able to support and fix any issues that may appear. These users should only use the full admin account when needed.

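
The three account practices above can be checked on a single Windows server with a read-only PowerShell audit. This is an added example, not part of the original post; it covers local accounts only, and the 90-day staleness threshold is an assumption to be replaced with the value from company policy.

```powershell
# Added example: read-only audit of local accounts on a Windows server.
# Uses the built-in Microsoft.PowerShell.LocalAccounts cmdlets (Windows PowerShell 5.1+).
# Assumption: an enabled account with no logon for 90 days counts as unused.
$StaleAfterDays = 90
$cutoff = (Get-Date).AddDays(-$StaleAfterDays)

# SIDs of everything in the local Administrators group.
# S-1-5-32-544 is the group's well-known SID, so a renamed group is still found.
$adminSids = Get-LocalGroupMember -SID 'S-1-5-32-544' |
    ForEach-Object { $_.SID.Value }

$findings = foreach ($u in Get-LocalUser) {
    if (-not $u.Enabled) { continue }   # disabled accounts are already handled
    $issues = @()

    # Practice 1: disable accounts that are not needed.
    # The built-in Guest account always has a SID ending in -501, even if renamed.
    if ($u.SID.Value -like 'S-1-5-21-*-501') {
        $issues += 'Default guest account is enabled'
    }
    # LastLogon is empty when the account has never been used.
    if (-not $u.LastLogon -or $u.LastLogon -lt $cutoff) {
        $issues += "No logon in the last $StaleAfterDays days"
    }

    # Practice 2: strong passwords. An account that does not require one fails outright.
    if (-not $u.PasswordRequired) {
        $issues += 'Password not required'
    }

    # Practice 3: least privilege. Every administrator should be a deliberate choice.
    if ($adminSids -contains $u.SID.Value) {
        $issues += 'Member of local Administrators (confirm this is needed)'
    }

    if ($issues.Count -gt 0) {
        [pscustomobject]@{
            Account   = $u.Name
            LastLogon = $u.LastLogon
            Issues    = $issues -join '; '
        }
    }
}

$findings | Sort-Object Account | Format-Table -AutoSize -Wrap

# After review, an unneeded account can be disabled with:
#   Disable-LocalUser -Name '<account name>'
```

The script changes nothing on the system; it only lists the enabled accounts that need a decision.
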
When creating a remediation policy for a company, I would take many factors into consideration, such as whether the threat is minor, serious, or critical. The remediation plan implemented would change depending on the classification of the newly identified vulnerability. For example, if the vulnerability consisted of a system that had not been updated recently and required a patch, we would test the newly released patch and then apply it if necessary. Afterwards, we would ensure that automation for patches and updates was set up properly so that this vulnerability does not appear again. If the network infrastructure is too complex for the team to secure, then simplifying the environment could be beneficial.

The Microsoft Baseline Security Analyzer (MBSA) is a nifty tool that any network administrator can use to test their security state, as long as they are running a compatible system. This tool can help find and detect problems with the configuration and with software updates. MBSA uses ports 138 and 139 to perform the necessary vulnerability scans. The tool requires administrator privileges on all computers involved in the scan.