Information

Security 1
 TOPIC DISCUSSION

6 Securing Systems
6.1 Unnecessary Applications
6.2 Restricting Applications
6.3 Unnecessary Services
6.4 Trusted Operating System
6.5 Updates and Patches
6.6 Patch Management

6.7 Group Policies

6.8 File Systems and Hard Drives
 TOPIC DISCUSSION

7 Virtualization
7.1 Hypervisors
7.2 Threats to VMs
7.3 Securing VMs
7.4 Bluetooth Attacks
SECURING
SYSTEM
Hardening is the practice of
making a system or application
more secure from its default
installation.
 Unnecessary Applications
How to find and uninstall programs you don’t use
> Regular uninstall

> Uninstall new or preinstalled Windows apps

> Uninstall apps you rarely use

> Avoid installing unrecognized apps or apps from unknown authors.
> Uninstalling apps from root folders and Program files folder
> Windows Defender detects applications and associated tag files as a
potentially unwanted program.
 Restricting Applications

You can control what software can be installed on a system and

what software can run on a system to avoid malicious threats.
 Unnecessary Services

The more services that are running on your computer, the more
opportunities there are for others to use them, break into or take
control of your computer through them.
 Trusted Operating System

Trusted operating systems are enhanced versions of everyday

operating systems such as Windows NT or Unix that are made
more secure.
 Updates and Patches

Patches are software and operating system (OS) updates that

address security vulnerabilities within a program or product.
Software vendors may choose to release updates to fix
performance bugs, as well as to provide enhanced security
features.
 Updates and Patches

Users can install updates manually or elect for their software

programs to update automatically. Manual updates require the
user or administrator to visit the vendor’s website to download
and install software files. Automatic updates require user or
administrator consent when installing or configuring the
software. Once you consent to automatic updates, software
updates are “pushed” (or installed) to your system automatically.
 Patch Management

Patch management is a hardening procedure that ensures that

systems and applications stay up to date with current patches.
This is one of the most efficient ways to reduce operating
system and application vulnerabilities, since it protects systems
from known vulnerabilities. Patch management includes a group
of methodologies and includes the process of identifying,
downloading, testing, deploying, and verifying patches.
 Group Policies

Windows domains use Group Policy to manage multiple users

and computers in a domain. Group Policy allows
an administrator to configure a setting once in a Group Policy
object (GPO) and apply this setting to many users and
computers within the domain. Group Policy is implemented on a
domain controller in a domain, but can also be applied to
individual computers.
 File Systems and Hard Drives

It is important to understand hard disks and filesystems, as these

are the major sources of data storage. People usually delete their
tracks after committing a crime with a computer in order to
avoid being traced. That is why recovering the deleted files of
hard disks and analyzing filesystems is important when
investigating a computer-based crime.
 Hypervisors

A hypervisor, also known as a virtual machine monitor, is a

process that creates and runs virtual machines (VMs). A
hypervisor allows one host computer to support multiple guest
VMs by virtually sharing its resources, like memory and
processing.
 Threats to VMs

Virtual machine escape vulnerabilities are the most serious issue

that may exist in a virtualized environment, particularly when a
virtual host runs systems of differing security levels. In an
escape attack, the attacker has access to a single virtual host and
then manages to leverage that access to intrude on the resources
assigned to a different virtual machine.
 Securing VMs

To secure your VMs, keep the guest operating systems patched

and protect your environment just as you protect your physical
machine. Consider disabling unnecessary functionality,
minimize the use of the VM console, and follow other best
practices.