Infrastructure Security: System Hardening • Chapter 8 515
Summary of Exam Objectives
This chapter looked at the broad concept of infrastructure security, and specifically
discussed the concepts and processes for hardening various sections of systems and
networks. OS and NOS security and configuration protections were discussed as
were file system permission procedures, access control requirements, and methods
to protect the core of systems from attack. Security+ exam objectives were studied
in relation to network hardening by visiting potential problem areas in the
network arena, including configuration concerns, ACLs, and elimination of
unnecessary protocols and services from the network. We also looked at how
these hardening steps might improve and work with the OS and NOS hardening,
and at ways to obtain, install, and test various fixes and software updates.
The discussion ended by delving into the area of application hardening,
concerning the potential configuration and security issues that apply to various
types of servers and services that administrators might offer in their overall environment.
These included looks at network services such as DNS and DHCP, and specific
types of application services such as e-mail, databases, NNTP servers, and others.
Exam Objectives Fast Track
Concepts and Processes of OS and NOS Hardening
Harden following the principle of “least privilege” to limit access to any resource
Set file access permissions as tightly as possible
Track, evaluate, and install the appropriate OS patches, updates, service packs, and hotfixes in your system environment
Network Hardening
Eliminate unused and unnecessary protocols and services to limit exposure to attacks
Create and build strong ACLs for control of devices and network operations
www.syngress.com