This course is a complete one and gives participants in-depth information and skills to harden networks against potential threats. Students will learn security hardening as a proactive defense against evolving malicious threats and intrusion techniques. The course also covers applying security hardening to the particular challenges of cloud environments, giving a broader perspective on modern network security.
Through real-life scenarios and hands-on case studies, participants connect theory to practice and learn to carry out the measures needed for effective security hardening. This course is an introduction to digital infrastructure security and the hurdles it faces in today's world of network security.
Learning Objectives
Explain techniques for operating system (OS) hardening.
Identify and apply network and cloud hardening methods to prevent potential attacks on systems.
Give examples of effective strategies for network hardening best practices concerning securing cloud environments.
TEST YOUR KNOWLEDGE: OS HARDENING
1. Fill in the blank: The _____ acts as an intermediary between software applications and computer hardware.
baseline
operating system (CORRECT)
authorized user
access system
An operating system is the key link that lets software applications communicate with, and coordinate their use of, the machine's hardware.
2. Which of the following activities are security hardening tasks? Select all that apply.
Exploiting an attack surface
Making patch updates (CORRECT)
Enforcing password policies (CORRECT)
Disposing of hardware and software properly (CORRECT)
Security hardening tasks include applying patch updates, disposing of hardware and software properly, and enforcing strong password policies. Hardening strengthens a system to minimize its vulnerabilities and reduce its attack surface.
3. Multifactor authentication (MFA) is a security measure that requires a user to verify their identity in at least two ways before they can access a system or network.
True (CORRECT)
False
Requiring two or more authentication mechanisms from an individual seeking access to a system or network is known as multi-factor authentication. It improves access control because the user must prove their identity through several means, at least two.
4. What are examples of physical security hardening? Select all that apply.
Installing security cameras (CORRECT)
Hiring security guards (CORRECT)
Removing or disabling unused applications
Reducing access permissions across devices
Physical security hardening is one part of security hardening: it protects physical spaces with measures such as security cameras, security guards, or access controls that reduce unauthorized access to the premises.
5. Fill in the blank: ____ refers to all the potential vulnerabilities a threat actor could potentially exploit in a system.
Configuration testing
Security hardening
Penetration testing
Attack surface (CORRECT)
An attack surface comprises all possible vulnerabilities within a system that a threat actor might exploit to compromise security.
6. In network security, why is it important to secure operating systems (OS) on each device?
To prevent the whole network being compromised by one insecure OS (CORRECT)
To provide employees the latest programs and features
To identify all vulnerabilities present in systems, networks, websites, applications, and processes
To reduce human error across an organization
It is critical to secure the operating system (OS) of every device because a single unsecured OS can be a weak link in the entire security chain of the network.
TEST YOUR KNOWLEDGE: NETWORK HARDENING
1. Fill in the blank: Security teams can use _____ to examine network logs and identify events of interest.
port filtering
network segmentation
baseline configuration
security information and event management (SIEM) tools (CORRECT)
Security Information and Event Management (SIEM) tools give security teams the ability to analyze network logs that would otherwise be too noisy to review by hand. These tools collect and process log data to identify critical activity in an organization, so that potential threats can be detected and responded to quickly.
2. What is a basic principle of port filtering?
Allow ports that are used by normal network operations. (CORRECT)
Disallow ports that are used by normal network operations.
Block all ports in a network.
Allow users access to only areas of the network that are required for their role.
The basic principle of port filtering is to keep open only those ports that are required for normal network operations. All other ports are blocked to reduce exposure and improve security.
3. A security professional creates different subnets for the various departments in their business, ensuring users have access that is appropriate for their particular roles. What does this scenario describe?
Firewall maintenance
Network segmentation (CORRECT)
Network log analysis
Patch updates
This is an example of network segmentation: separating specific departments into their own subnets within the organization. The practice increases security because, although departments can share some resources, other departments cannot access resources that are not meant for them, and a breach would have more limited consequences.
4. Data in restricted zones should have the same encryption standards as data in other zones.
True
False (CORRECT)
Restricted zones in a network, which hold highly classified or confidential data, must have much stronger encryption standards than other zones. This keeps such sensitive data secured so that it is virtually impossible for an unauthorized individual to break through and gain access to it.
5. Fill in the blank: A _____ is an application that collects and analyzes log data to monitor critical activities in an organization.
Baseline configuration
Network log analysis
Security Information and Event Management tool (SIEM) (CORRECT)
Port filter
SIEM tools are applications that collect, analyze, and correlate log data from many sources in order to monitor activity, detect security incidents, and help contain major security threats in an enterprise.
TEST YOUR KNOWLEDGE: CLOUD HARDENING
1. Fill in the blank: A key distinction between cloud and traditional network hardening is the use of a server baseline image, which enables security analysts to prevent _____ by comparing data in cloud servers to the baseline image.
unverified changes (CORRECT)
damaged data
improper resource storage
slow speeds
A major difference between cloud and traditional network hardening is having a baseline image for servers in the cloud. This image lets security analysts prevent unauthorized changes by comparing the current state of cloud servers with the baseline to ensure that only approved configurations and updates are applied.
2. Data and applications on cloud networks do not need to be separated based on their service category, such as their age or internal functionality.
True
False (CORRECT)
Just as with OS hardening, applications and data in a cloud network should be segmented by their service category to improve security. For instance, isolating older applications from newer ones, and separating software that handles internal functions from front-end applications accessible to users, minimizes risk and ensures that a threat to one area does not spread to the others.
3. Who is responsible for ensuring the safety of cloud networks? Select all that apply.
Security team (CORRECT)
Cloud service provider (CORRECT)
Individual users
Department
Both the organization's security team and its cloud service provider share responsibility for securing cloud networks. Usually the organization secures its data and applications and controls user access, whereas the cloud service provider handles the underlying cloud infrastructure, such as physical security, network security, and hypervisor security. Together this forms a comprehensive security model across the entire cloud environment.
4. Fill in the blank: _____ cloud services are a common source of cloud security issues.
Misconfigured (CORRECT)
Unauthorized
Shared
Managed
Misconfigured cloud services, in their many forms, are a common source of cloud security vulnerabilities and weaknesses. An incorrectly configured service can unintentionally leave critical cloud operations open to unauthorized use, exposing sensitive data or, worse, enabling damage from malicious actions. Because of this, correct configuration together with regular security auditing is recommended.
5. What services can cloud networks usually provide to their customers?
Eliminate the need to set cloud configurations
Fix security vulnerabilities within company applications
Store servers on company premises
Host company data and applications (CORRECT)
A cloud network can host a corporation's data and applications. Cloud computing, the basis for this type of network, offers storage, processing, and data analytics on demand, which lets organizations scale resources as needed, reduce infrastructure costs, and use advanced analytics without maintaining extensive on-premises hardware.
MODULE 4 CHALLENGE
1. What are the purposes of performing a patch update for security hardening? Select all that apply.
Requiring a user to verify their identity to access a system or network.
Fixing known security vulnerabilities in a network or services. (CORRECT)
Preventing malicious actors from flooding a network.
Upgrading an operating system to the latest software version. (CORRECT)
2. Fill in the blank: Requiring employees to turn off their personal devices while in secure areas is an example of a _____ security hardening practice.
virtual
physical (CORRECT)
cloud-based
network-focused
3. An organization’s in-house security team has been authorized to simulate an attack on the organization’s website. The objective is to identify any vulnerabilities that are present. What does this scenario describe?
The Ping of Death
Penetration testing (CORRECT)
A Distributed Denial of Service (DDoS) attack
Packet sniffing
4. What are some methods for hardening operating systems? Select three answers.
Removing unused software to limit unnecessary vulnerabilities (CORRECT)
Configuring a device setting to fit a secure encryption standard (CORRECT)
Keeping an up-to-date list of authorized users (CORRECT)
Implementing an intrusion detection system (IDS)
5. Fill in the blank: A/An _____ is a documented set of specifications within a system that is used as a basis for future builds, releases, and updates
network segment
virtual private network installation
baseline configuration (CORRECT)
internet control message protocol update
6. Which OS hardening practice requires users to verify their identity in two or more ways to access a system or network?
Patch updates
SIEM
Port filtering
Multi-factor authentication (MFA) (CORRECT)
7. In what way might port filtering be used to protect a network from an attack?
By increasing the attack surface within a business network
By creating isolated subnets for each of the various departments within an organization
By helping analysts inspect, analyze, and react to security events based on their priority
By blocking or allowing certain port numbers in order to limit unwanted communication (CORRECT)
8. Fill in the blank: Security analysts use ____ to create isolated subnets for different departments in an organization.
penetration testing
network segmentation (CORRECT)
cloud hardening
patch updating
9. Fill in the blank: ____ is the process of strengthening a system to reduce its vulnerability and attack surface.
Security hardening (CORRECT)
Network hardening
Port filtering
SIEM
10. What is the relationship between security hardening and an attack surface?
Security hardening expands the attack surface.
Security hardening increases the attack surface.
Security hardening diminishes the attack surface. (CORRECT)
Security hardening permanently eliminates the attack surface.
11. A company’s executive team approves a proposal by the security director. The proposal involves security professionals simulating an attack on the company’s systems in order to identify vulnerabilities. What does this scenario describe?
Packet sniffing
A Distributed Denial of Service (DDoS) attack
Penetration testing (CORRECT)
The Ping of Death
12. Which of the following statements accurately describe OS hardening tasks? Select three answers.
Multi-factor authentication is a security measure requiring users to change passwords every month.
When disposing of software, it is a best practice to delete any unused applications. (CORRECT)
OS hardening is a set of procedures that maintain and improve OS security. (CORRECT)
Some OS hardening tasks are performed at regular intervals, while others are performed only once. (CORRECT)
13. Which OS hardening practice involves a security analyst comparing the current configuration to existing documentation about the OS?
Checking baseline configuration (CORRECT)
Performing port filtering over network ports
Verifying user identity when accessing an OS
Conducting a network log analysis
14. Which network hardening practice is used to create isolated subnets for different departments in an organization?
Penetration testing
Network segmentation (CORRECT)
Patch updating
Cloud hardening
15. Fill in the blank: A ____ is a collection of servers or computers that stores resources and data in remote data centers that can be accessed via the internet
SIEM
patch update
cloud network (CORRECT)
baseline configuration
16. When performing security hardening, what is the goal with regards to the attack surface?
Hide the attack surface
Augment the attack surface
Mirror the attack surface
Reduce the attack surface (CORRECT)
17. Fill in the blank: Installing security cameras is an example of a _____ security hardening practice.
software-based
physical (CORRECT)
virtual
network-focused
18. Which of the following statements accurately describes port filtering?
A firewall function that blocks or allows certain port numbers in order to limit unwanted network traffic (CORRECT)
A security protocol that provides an encrypted tunnel for issuing commands from a remote server
A security technique that divides a network into segments
A process performed by a VPN service that protects data by wrapping it in other data packets
19. Fill in the blank: Hiring a security guard is an example of a _____ security hardening practice.
software-based
virtual
physical (CORRECT)
network-focused
20. To help improve the security of a business, its in-house security team is approved to simulate an attack that will identify vulnerabilities in business processes. What does this scenario describe?
A Distributed Denial of Service (DDoS) attack
Penetration testing (CORRECT)
The Ping of Death
Packet sniffing
21. A security analyst reviews documentation about a firewall rule that includes a list of allowed and disallowed network ports. They compare it to the current firewall to ensure no changes have been made. What does this scenario describe?
Checking baseline configuration (CORRECT)
Responsibly managing applications
Upgrading the interface between computer hardware and the user
Verifying user identity when accessing an OS
22. Fill in the blank: The security measure _____ requires a user to verify their identity in two or more ways to access a system or network.
password policy
multifactor authentication (MFA) (CORRECT)
network log analysis
baseline configuration
23. A security team considers the best way to handle the different security zones within their network. They prioritize protecting the restricted zone by separating it from the rest of the network and ensuring it has much higher encryption standards. What does this scenario describe?
Network segmentation (CORRECT)
Cloud hardening
Penetration testing
Patch updating
24. Which of the following are OS hardening tasks? Select three answers.
Installing security cameras
Regularly installing updates (CORRECT)
Using secure encryption standards (CORRECT)
Implementing multifactor authentication (CORRECT)
25. What is one key similarity between regular web servers and cloud servers?
In both, all applications are stored together, regardless of their age.
They both require proper maintenance and security hardening. (CORRECT)
They both use baseline images stored in the cloud to compare data.
In both, all data and applications are stored together, regardless of their service category.