discussion deals with Operating systems and its vulnerabilities. An operating

 

discussion deals with Operating systems and its vulnerabilities.  An  operating system is defined as the following:  A software that manages  the hardware and software of a system.  It also provides the User  Interface that allows humans to interact with the system. As much of the  information is either created and/or stored in the system, securing the  OS requires a thorough understanding of the Operating system and how to  secure it.  There are many different types of operating systems that  exist, either for desktops, routers, switches, servers, and mobile  devices.

In the previous week’s discussion, you identified and discussed a system and its vulnerabilities. 

  1. Based on the definition above, please identify the operating  system.  Provide recommendations on how you would secure and harden the  operating system to ensure it has been configured more securely.
  2. Based on the system and its operating system, please research the  vendor and its website to identify any hardening guides and documents  you may find.  You may also research other sources on the Internet for a  hardening guide.  Some of useful sites you may visit are the following: 
    • SANS Information Security (Links to an external site.)  – SANS is a valuable information Security resource.  SANS organization  has been recognized within the Information Security community as an  indispensable tool for all security needs.  The reading room serves as  the repository on thousands of white papers and documents regarding  information security.  It has templates on creating InfoSec policies and  guidelines on how to configure IT systems securely.
    • Best Practices and How To Articles (Links to an external site.)  – Here is a collection of Information Security policy documents, best  practices, and how to articles for Information Security.  It can be used  to help develop hardening documents.
    • National Vulnerability Database Repository (Links to an external site.)  – National Institute of Standards and Technology is a government agency  that is tasked with developing standards on all technology, from IT to  non-IT technology and things like standard weights and measure.  Many  regulations that drive Information Security reference NIST as a source  for standard methodologies used in the industry.
  3. Based on your research, please list and discuss any operating system  configuration that needs to be evaluated and hardened.  Please identify  the default setting and what it needs to be to ensure a higher level of  security.  You should also indicate the importance of the setting.