Question

In: Computer Science

discuss a relevant issue regarding Hardening of Information Systems

discuss a relevant issue regarding Hardening of Information Systems

Solutions

Expert Solution

Systems hardening is a collection of tools, techniques, and best practices to reduce vulnerability in technology applications, systems, infrastructure, firmware, and other areas. The goal of systems hardening is to reduce security risk by eliminating potential attack vectors and condensing the system’s attack surface. By removing superfluous programs, accounts functions, applications, ports, permissions, access, etc. attackers and malware have fewer opportunities to gain a foothold within your IT ecosystem.

The process of securing an operating system is referred to as “hardening” or at times as “lock down.”

Some basic hardening techniques include the following:

Non-essential services – It is of importance that an operating system can only be configured to perform tasks for which it is assigned. For example, it is not necessary to have SMTP or HTTP services run on the system only when a host is functioning as a mail server or web.

Fixes and Patches -This is an ongoing endeavor. Operating systems should be updated with the most recent security updates.

Password Management – Many operating systems provide options for strong passwords enforcement. This ensures that users are prevented from configuration of weak passwords which can be easily guessed. Additionally, users are able to regularly change passwords. User accounts are disabled after a number of failed attempts to login.

Unnecessary accounts – Unused user accounts that are unnecessary must be disabled or even deleted from the operating systems. It is crucial to monitor employee turnover; when the employees leave an organization their accounts should be disabled or deleted.

Directory and File Protection – There should be strict controlled measures put in place for accessing directories and files through use of file permissions and access control lists.

File System Encryption – Some file systems support encryption of files and folders. For additional security, it is vital to ensure that partitions in a hard disk are formatted together using a file system that supports encryption features like NTFS for Windows and so on. This should be applied to sensitive data.

Enable Logging – The Operating system should be configured to ensure logging of all errors, activities and warnings.

File Sharing – Unnecessary file sharing should be disabled

Hardening the Network- Different techniques can be used to achieve this such as updating hardware and software (This is a vital part of network hardening; it involves ensuring that the network firmware in the routers are updated regularly with the latest fixes and patches).

Password Protection – Wireless access points and routers have provisions for interfaces that allow the network to be remotely management and accessed. Such devices should therefore be protected by strong passwords.

Unnecessary Services and Protocols – All services and protocols that are unnecessary should be disabled; ideally, the hosts in the network should have such services and protocols deleted. A case in point is that, it is unnecessary to have protocols for AppleTalk installed and configured on any systems in a pure TCP/IP network environment.

Ports – Ports that are not needed should be blocked by a firewall and any associated services in the hosts in the network should be disabled. For example, it is not logical to allow traffic for port 80 to pass through the firewall in a network that has a host acting as a web server.

Wireless Security – There configured of wireless networks up to highest available security level.

Restricted Network Access – A number of steps should be taken in order to prevent unauthorized access to internal networks.


Related Solutions

discuss in a few sentences: the definition of relevant information, and an example of non-relevant information...
discuss in a few sentences: the definition of relevant information, and an example of non-relevant information and why it is not helpful in the decision-making process discuss in a few sentences: the Net Present Value method. Discuss the mechanics of how it's computed and the logic and purpose of the method itself.
Discuss the relevant economic theories and principles of the issue of global warming?
Discuss the relevant economic theories and principles of the issue of global warming?
What is and/or should be nursing’s role in decision making regarding selecting information systems?
What is and/or should be nursing’s role in decision making regarding selecting information systems?
Identify and discuss one current issue that is impacting healthcare systems in the USA and how...
Identify and discuss one current issue that is impacting healthcare systems in the USA and how this issue might have impacted existing strategic plans of healthcare organizations and cause organizations to implement contingency plans or change plans. Give examples to help you explain your answer.
Consider a pharmacy information system (as a subsystem of the clinical information systems) A3.1. Discuss in...
Consider a pharmacy information system (as a subsystem of the clinical information systems) A3.1. Discuss in a structured way all the inputs and then the outputs from a pharmacy information system. A3.2. Describe the links of a pharmacy system to other health care information systems. A3.3. What are the benefits that may occur as a result of the use of a computerized pharmacy information system.
1. What are the age hardening alloy systems in Al-based alloys based on classification of major...
1. What are the age hardening alloy systems in Al-based alloys based on classification of major alloyingsystems for Al-based alloys? 2.In alloy system of Al - 4.4%Cu - 0.8%Si - 0.8%Mn - 0.5%Mg which is commonly used for aircraft structures, sketch and explain all transformation stages during age hardening. What is the driving mechanism for each step?
discuss two main categories of information systems that organisations use
discuss two main categories of information systems that organisations use
Regarding Assesing and Achieving value in health Care Information Systems select a project from and organization...
Regarding Assesing and Achieving value in health Care Information Systems select a project from and organization or past experience and expand on the value proposition that justfies the investment of scare resources in the project. How would you measured sucess? How would you ensure sucessand the achievement of the benefits anticipated by the project?
Lopez Information Systems management is planning to issue 10-year bonds. The going market yield for such...
Lopez Information Systems management is planning to issue 10-year bonds. The going market yield for such bonds is 8.125 percent. Assume that coupon payments will be made semiannually. Management is trying to decide between issuing an 8 percent coupon bond or a zero coupon bond. Lopez needs to raise $1 million. What will be the price of an 8 percent coupon bond, and how many 8 percent coupon bonds will have to be issued? What will be the price of...
Sheridan Information Systems management is planning to issue 10-year bonds. The going market yield for such...
Sheridan Information Systems management is planning to issue 10-year bonds. The going market yield for such bonds is 8.450 percent. Assume that coupon payments will be made semiannually. Management is trying to decide between issuing an 8 percent coupon bond or a zero coupon bond. Sheridan needs to raise $1 million. What will be the price of an 8 percent coupon bond? (Round answer to 2 decimal places, e.g 15.25.) Bond value $ How many 8 percent coupon bonds would...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT