Chapter Summary

Chapter Summary

Chapter Summary
(See related pages)

Security Baselines

The process of establishing a system’s security state is called baselining, and the resulting product is a security baseline that allows the system to run safely and securely.

Security baselines are critical to protecting information systems, particularly those allowing connections from external users.

Hardening is the process by which operating systems, network resources, and applications are secured against possible attacks.

Password Selection

The first step in addressing the password issue is to create an effective and manageable password policy that both system administrators and users can work with.

There are many tools available to help enforce the selection of strong, hard-to-guess passwords.

Selecting passwords based on “passphrases” can be an easy and effective method of selecting a good password.

Users should change their passwords every 60 to 90 days and should not

be allowed to reuse old passwords.

Operating System and Network Operating System Hardening

Securing operating systems consists of removing or disabling unnecessary services, restricting permissions on files and directories, removing unnecessary software (or not installing it in the first place), applying the latest patches, removing unnecessary user accounts, and ensuring strong password guidelines are in place.

There are many good resources, such as Microsoft’s security checklists, that can assist system administrators in securing their systems.

Hardening Microsoft, UNIX, and Mac OS operating systems follow the same basic guidelines, but each OS has specific steps and guidelines that must be followed to ensure that a particular OS is secure.

Ensuring systems are patched in a timely manner is critical to maintaining a secure state.

Network Hardening

Securing network resources consists of disabling unnecessary functions, restricting access to ports and services, ensuring strong passwords are used, and ensuring the code on the network devices is patched and up-to-date.

Controlling the types and amount of traffic allowed to move through network devices can help ensure effective, secure operations.

Application Hardening

Securing applications depends heavily on the application involved, but typically consists of removing samples and default materials, preventing reconnaissance attempts, and ensuring the software is patched and up-to-date.

Application patches should be tested before they are placed on a production system.

Instructor Edition

Student Edition

Instructor Log In

Notes

Instructor Log In

Log In
You must be a registered user to view the premium content in this website. If you already have a username and password, enter it below. If your textbook came with a card and this is your first visit to this site, you can use your registration code to register.
Username:
Password:
	Forgot your password?

Instructor Log In

Site Preferences	(Log out)

		Send mail as:

TA email:
Other email:

"Floating" navigation?
Drawer speed:

Notes		(What is this?)

Add a note
1.	(optional) Enter a note here:
2.	(optional) Select some text on the page (or do this before you open the "Notes" drawer).
3.	Highlighter Color:
4.

Search
Search for:
Search in:

Home > Chapter 14 > Chapter Summary

	Course-wide Content
		Glossary Textbook Updates

	Quizzes
		Multiple Choice Quiz
	More Resources
		Chapter Outline Chapter Summary

	Instructor Resources
		Projects Updates for Instructors NWCET Info

	Course-wide Content
		Glossary Textbook Updates

	Instructor Resources
		Instructors' Manual PowerPoint Presentation Answer Key NWCET Activity Image Library

	Quizzes
		Multiple Choice Quiz
	More Resources
		Chapter Outline Chapter Summary