Lab Assignment 2 – Patch, Harden, Protect
One of the most effective ways to prevent breaches is to
harden systems. Penetration testers and malicious attackers often rely on
default credentials or services open by default to gain a foothold into a
“secure” environment. By creating a secure baseline for your server or endpoint
you reduce your attack surface. Reducing your attack surface makes your system
more difficult to breach. This is often the major difference between
organizations that are breached and those that are not. Attackers consistently
look for the “lowest hanging fruit” to attack.
Luckily, there are numerous organizations that work
tirelessly to create and maintain hardening guidelines so that organizations
can easily implement the latest in security best practices. In this lab you
will review the controls and guidelines produced by the Center for Internet
Security (CIS) to get a better understanding of how to approach information
security, and more specifically, harden Windows 10 and Redhat Linux operating
systems.
Objective:
The student will become familiar with the CIS Controls and
the CIS Benchmarks for Windows 10 and Redhat Linux.
Task 1: Learn about CIS and review the CIS Controls and the
Windows 10 and Redhat Linux Benchmarks
1. Read this document from Microsoft discussing who
the CIS is and the nature of their relationship with Microsoft.
https://learn.microsoft.com/en-us/compliance/regulatory/offering-CIS-Benchmark?view=o365-worldwide
2. Download the CIS Controls PDF and review it.
3. Download the Windows 10 Enterprise and Redhat
Linux Benchmarks PDFs and review them.
Lab Write up
Based on the information above, and research from the
internet, perform the following tasks:
1. List each CIS Control and write a brief
description of each.
2. Which CIS Control do you think is the hardest
for organizations to implement? Why?
3. Describe the difference between the Level 1 and
Level 2 settings in the CIS benchmarks.
4. To familiarize yourself with the Windows 10
Enterprise Benchmarks, list the 19 recommendation categories defined in the
document (HINT: The first one is Account Policies).
5. To familiarize yourself with the Redhat Linux
Benchmarks, list the 6 recommendation categories defined in the document (HINT:
The first one is Initial Setup).
6. What are some similarities that you see between
recommendations in the Windows 10 and Redhat Linux Benchmarks?
7. What are some differences that you see between
recommendations in the Windows 10 and Redhat Linux Benchmarks?
8. Why do you think it is important to follow
common best practices like the CIS benchmarks when hardening systems?
Complete in a Word document, answering all 8 questions.
NOTE:
You are not expected to read the entire PDFs for the CIS Controls, Windows 10 Enterprise, and Redhat Linux benchmarks.
Simply reference the PDFs for the information needed to answer the questions.