Security hardening task Description

A documented set of specifications within a

Baseline configurations system that is used as a basis for future
Updating the encryption
builds, releases, and updates.standards for data
Configuration checks
that is stored in databases.
servers, and more to prevent potentially
Disabling unused ports Rules or methods
dangerous networkused to conceal
traffic outgoing
from passing
Encryption using the latest standards data and uncover or decrypt the
Firewall maintenance entails checking and incoming
Firewall maintenance data.
updating security configurations regularly
Ensures that all
to stay ahead of old hardware
potential is properly
threats.
Hardware & software disposal
wiped of all data and disposed
access a system or network. MFA of. options
Multifactor authentication (MFA) permitting, limiting, pin and/or blocking access
include a password, number, badge,
Network access privileges privileges to network assets for people,
The
roles,process
groups,ofIPexamining
addresses,network logs to
MAC addresses,
Network log analysis recommendations for password policies
identify events of interest.
Password policies focuses
A softwareon using methods system
and operating to salt and
(OS)hash
Patch updates passwords,
update rather
that addresses than requiring
security overly
A simulated attack that helps identify
Penetration test (pen test) vulnerabilities
vulnerabilities within
in a program
systems, or product.
networks,
A firewall function that blocks or allows
Port filtering websites,
certain port applications,
numbers toand limitprocesses.
unwanted
Removing or disabling unused become a point of vulnerability because
communication.
applications and services protect
they aredata
lessassets
likely from
to be being lost. Backups
maintained or
Server and data storage backups can be recorded and stored in a physical
location or uploaded/synced to a cloud
Common
To restore uses
a system to a previous baseline after a
network outage, or unauthorized changes on a
To see if there are any unauthorized changes to
baseline.
actors from entering the network through the
the system.
open port. Can be used
current encryption after an
standards areincident to
secure and
prevent
effective future attacks from happening through
updated inforresponse
your organization.
to an event The that encryption
allows
standards
abnormal can also
network be updated
traffic into after
the a data This
network.
removing outdated or unused software or
measure
hardwarecan thatbedoused
not to
haveprotect against
the latest various
security
similar security events. MFA can
patches or updates. Unpatched devices can allowbe
outside trafficatfrom
implemented any accessing
time, and the internal
is mostly a
network.
This can be This caneither
used be implemented once, or
before an incident
revisitedduring
occurs, depending
to trackon network
the likelihood ofand
social
traffic,either can
from easily guessing user passwords,
be configured
manually or by inusing
the response of attempt
a scriptpatches
to a cybersecurity
date with the latest security because
thousands of stolen passwords
attackers will be alerted to the security (commonly
Pen tests are used
vulnerability whentopatches
protectareandreleased.
prevent They
against
Port filtering
potential is used to control network traffic
attacks.
and can prevent potential attackers from
This procedure
entering a privateis used to reduce potential
network.
Backups are used
vulnerabilities to restore
within lost data from
a network.
attacks, human error, equipment failures, and
other unplanned losses.