Module 113

Uploaded by

bhattiofficial06

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

17 views8 pages

Module 113

Uploaded by

bhattiofficial06

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 8

SECURITY HARDENING – LIFECYCLE

• Security Hardening
Lifecycle: Maintaining
An Integrated & Current
Program

1
SECURITY HARDENING – LIFECYCLE

1. Harden IT Asset

5. Pursue Controls
2. Periodic
That May Require
Validation
Additional Working

3. Seek Updates
4. Implement
On Hardening
Additional Controls
Benchmarks

2
SECURITY HARDENING – LIFECYCLE

1: Harden IT Asset
Pursue the 8 step
hardening methodology

3
SECURITY HARDENING – LIFECYCLE

1. Identify critical 6. Validation of 7. Change

assets (& asset control management
owner) implementation process for PROD

2. Research on 5. Implement
8. Implement on
applicable controls on test
PROD & monitor
security controls setup

3. Checklist of
4. Document
applicable
controls into SOP
controls

4
SECURITY HARDENING – LIFECYCLE

2: Periodic Validation
Check periodically (every
quarter) for changes to the
established standard or
baseline

5
SECURITY HARDENING – LIFECYCLE

3: Seek Updated On
Hardening Benchmarks
• Benchmarks are
periodically updated
• Subscribe to feeds from
CIS, DISA, NIST NCP
(National Checklist
Program) Repository

6
SECURITY HARDENING – LIFECYCLE

4: Implement Additional
Controls
• Update the security
controls by studying the
changes

7
SECURITY HARDENING – LIFECYCLE

5: Pursue & Implement

Controls That May Require
Additional Working
• Some controls may have
caused a crash or
malfunction
• Some controls may have
not been possible due to
dependencies or missing
utilities
END • Enhance the % of
implemented controls
8

INE Intro To Cyber Security Hardening
No ratings yet
INE Intro To Cyber Security Hardening
55 pages
Endpoint Hardening Checklist 1682068842
No ratings yet
Endpoint Hardening Checklist 1682068842
10 pages
Chapter 3 - Operating Systems Security
No ratings yet
Chapter 3 - Operating Systems Security
33 pages
Security Hardening Notes
No ratings yet
Security Hardening Notes
6 pages
GM Manual
100% (1)
GM Manual
29 pages
CS205
No ratings yet
CS205
68 pages
Cosec Device Api - v1.0
100% (1)
Cosec Device Api - v1.0
91 pages
Racunarske Mreze I Zastita
No ratings yet
Racunarske Mreze I Zastita
205 pages
SQL Database Azure
No ratings yet
SQL Database Azure
800 pages
NonStop TBC 2015 - NonStop System Hardening PDF
No ratings yet
NonStop TBC 2015 - NonStop System Hardening PDF
38 pages
1210 Lansche Advanced Hardening 1
No ratings yet
1210 Lansche Advanced Hardening 1
52 pages
Week 07 Slides
No ratings yet
Week 07 Slides
33 pages
SAP Hardening and Patch Management Guide For Windows Server
No ratings yet
SAP Hardening and Patch Management Guide For Windows Server
101 pages
SDLC
No ratings yet
SDLC
21 pages
Secure SW Application-Chapter Four
No ratings yet
Secure SW Application-Chapter Four
7 pages
Information Security Transformation-Nahil Mahmood-Lecture 113
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 113
8 pages
Principles of Computer Security - Wm. Arthur Conklin & Greg White & Chuck Cothren & Roger L. Davis & Dwayne Williams Download PDF
No ratings yet
Principles of Computer Security - Wm. Arthur Conklin & Greg White & Chuck Cothren & Roger L. Davis & Dwayne Williams Download PDF
54 pages
Information Security - Lecture 16
No ratings yet
Information Security - Lecture 16
9 pages
1.2 System Lifecycle Management - 1-1
No ratings yet
1.2 System Lifecycle Management - 1-1
35 pages
Sap Hardening and Patch Management Guide For Windows Server
No ratings yet
Sap Hardening and Patch Management Guide For Windows Server
102 pages
Module 11 Maintaining InfoSec 211
No ratings yet
Module 11 Maintaining InfoSec 211
57 pages
Module 3 - Managing Data, Application, and Host Security New-Merged
No ratings yet
Module 3 - Managing Data, Application, and Host Security New-Merged
137 pages
Device Hardening Sample
No ratings yet
Device Hardening Sample
5 pages
CC Domain5
No ratings yet
CC Domain5
35 pages
Information Security Maintenance
No ratings yet
Information Security Maintenance
58 pages
Continuous Learning Approach
No ratings yet
Continuous Learning Approach
4 pages
Security Hardening 2
No ratings yet
Security Hardening 2
19 pages
Software Application Security in Software Hardening Notes
No ratings yet
Software Application Security in Software Hardening Notes
7 pages
Data Theft Prevention Techniques - Hardening
No ratings yet
Data Theft Prevention Techniques - Hardening
32 pages
Information Security Transformation-Nahil Mahmood-Lecture 59
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 59
8 pages
Net Forensics
No ratings yet
Net Forensics
12 pages
Information Security Transformation-Nahil Mahmood-Lecture 55
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 55
8 pages
Information Security Transformation-Nahil Mahmood-Lecture 94
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 94
9 pages
Sound Exchange - The Registration Process
No ratings yet
Sound Exchange - The Registration Process
19 pages
Secure SDLC Workshop - SelfPaced Online Training Program
No ratings yet
Secure SDLC Workshop - SelfPaced Online Training Program
5 pages
KPDCL Sop Hardning
No ratings yet
KPDCL Sop Hardning
6 pages
Live Online - 30+ Hours - Evening Batch - Online Lab Access - SWADLP' Exam Attempt Aligned With Software Security Standards and Best Practices
No ratings yet
Live Online - 30+ Hours - Evening Batch - Online Lab Access - SWADLP' Exam Attempt Aligned With Software Security Standards and Best Practices
5 pages
SSDLC
No ratings yet
SSDLC
2 pages
Dsadasdasd
No ratings yet
Dsadasdasd
3 pages
Unit 1.1 (Application - Security)
No ratings yet
Unit 1.1 (Application - Security)
27 pages
Information Security Transformation-Nahil Mahmood-Lecture 16
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 16
9 pages
Very Important: - Types of Activities For Security Engineering
No ratings yet
Very Important: - Types of Activities For Security Engineering
14 pages
Hardening Document Sample0
No ratings yet
Hardening Document Sample0
2 pages
Endpoint Hardening Checklist: A Defender's Guide For Protecting Systems & Reducing Attack Surface
No ratings yet
Endpoint Hardening Checklist: A Defender's Guide For Protecting Systems & Reducing Attack Surface
10 pages
Perimeter Intrusion Detection System Brochure
No ratings yet
Perimeter Intrusion Detection System Brochure
16 pages
The Ciso'S Guide To Modern Appsec: Bsimm11 Digest
No ratings yet
The Ciso'S Guide To Modern Appsec: Bsimm11 Digest
9 pages
Hacking
No ratings yet
Hacking
24 pages
Overcoming The 3 Biggest Challenges in System Hardening
No ratings yet
Overcoming The 3 Biggest Challenges in System Hardening
6 pages
Endpoint Hardening Checklist
No ratings yet
Endpoint Hardening Checklist
10 pages
Information Security Transformation-Nahil Mahmood-Lecture 6
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 6
6 pages
Security Ciso Worksho Zero Threatp
No ratings yet
Security Ciso Worksho Zero Threatp
26 pages
Topic 1.1 - Introduction To Information and Communication Technology
No ratings yet
Topic 1.1 - Introduction To Information and Communication Technology
36 pages
WU Criptography
No ratings yet
WU Criptography
14 pages
QR@EMI
No ratings yet
QR@EMI
4 pages
005 - Cybersecurity Fundamentals Module 5 Security Operations
No ratings yet
005 - Cybersecurity Fundamentals Module 5 Security Operations
25 pages
A Survey On The Cyber Security of Small-to-Medium
No ratings yet
A Survey On The Cyber Security of Small-to-Medium
19 pages
Certified Information Systems Risk and Compliance Professional (CISRCP)
No ratings yet
Certified Information Systems Risk and Compliance Professional (CISRCP)
8 pages
Information Security Transformation-Nahil Mahmood-Lecture 61
No ratings yet
Information Security Transformation-Nahil Mahmood-Lecture 61
5 pages
What Is The Secure Software Development Life Cycle - Synopsys
No ratings yet
What Is The Secure Software Development Life Cycle - Synopsys
2 pages
Module 3 - Managing Data, Application, and Host Security New
No ratings yet
Module 3 - Managing Data, Application, and Host Security New
61 pages
The Complete System Hardening Cheat Sheet
No ratings yet
The Complete System Hardening Cheat Sheet
6 pages
Linksys WAP2000 Manual
No ratings yet
Linksys WAP2000 Manual
40 pages
Sub-Divisional Office Procedure Reconnection Code Page CP-05 1 of 5 Reference General System Description
No ratings yet
Sub-Divisional Office Procedure Reconnection Code Page CP-05 1 of 5 Reference General System Description
5 pages
Interview
No ratings yet
Interview
5 pages
Check Spam PDF
0% (1)
Check Spam PDF
14 pages
Building Management System (BMS) OR Building Automation System (BAS)
No ratings yet
Building Management System (BMS) OR Building Automation System (BAS)
23 pages
Oracle R12 E-Business Suite (ERP - Enterprise Resource Planning) Technical and Functional Training Manuals
No ratings yet
Oracle R12 E-Business Suite (ERP - Enterprise Resource Planning) Technical and Functional Training Manuals
7 pages
The Elgamal Digital Signature: Define GF (P) F
No ratings yet
The Elgamal Digital Signature: Define GF (P) F
7 pages
Blockchain and Cloud Computing-A Review
No ratings yet
Blockchain and Cloud Computing-A Review
5 pages
Nis-1 5
No ratings yet
Nis-1 5
5 pages
1370 Application For Special Admission To Membership FAi
No ratings yet
1370 Application For Special Admission To Membership FAi
10 pages
S e R V e R H: Server Hardening
No ratings yet
S e R V e R H: Server Hardening
3 pages
Vulnerabilities of DES (Improved)
No ratings yet
Vulnerabilities of DES (Improved)
3 pages
Daylight Robbery Pbta RPG
0% (1)
Daylight Robbery Pbta RPG
4 pages
Application Security by Design PDF
No ratings yet
Application Security by Design PDF
16 pages
Mekanikal Dan Elektrikal Part Aircond
No ratings yet
Mekanikal Dan Elektrikal Part Aircond
2 pages
Common Admission Test 2017 Admit Card
No ratings yet
Common Admission Test 2017 Admit Card
1 page
Project Synopsis: Submitted in The Partial Fulfilment of The Requirements For The Degree of
No ratings yet
Project Synopsis: Submitted in The Partial Fulfilment of The Requirements For The Degree of
3 pages
O/o The General Manager, Nodal Center South Zone II Floor, Amenity Block, Cantonment, Trichy-620 001 PH: 0431 - 241 3899
No ratings yet
O/o The General Manager, Nodal Center South Zone II Floor, Amenity Block, Cantonment, Trichy-620 001 PH: 0431 - 241 3899
2 pages
Call Letter - JK Bank
No ratings yet
Call Letter - JK Bank
2 pages
ISA 61511 Safety Integrity Level (SIL) Selection Specialist: Certification Exam Prep
From Everand
ISA 61511 Safety Integrity Level (SIL) Selection Specialist: Certification Exam Prep
Steve Brown
No ratings yet
ISA/IEC 61511 Safety Instrumented Systems (SIS) Fundamentals: Certification Exam Prep
From Everand
ISA/IEC 61511 Safety Instrumented Systems (SIS) Fundamentals: Certification Exam Prep
Steve Brown
No ratings yet
JUnit in Depth: Definitive Reference for Developers and Engineers
From Everand
JUnit in Depth: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
About Kubernetes and Security Practices - Short Edition: First Edition, #1
From Everand
About Kubernetes and Security Practices - Short Edition: First Edition, #1
Ami Adi
No ratings yet
NUnit in Practice: Definitive Reference for Developers and Engineers
From Everand
NUnit in Practice: Definitive Reference for Developers and Engineers
Richard Johnson
No ratings yet
Structured Software Testing: The Discipline of Discovering
From Everand
Structured Software Testing: The Discipline of Discovering
Arunkumar Khannur
No ratings yet
Advanced Process Control: Beyond Single Loop Control
From Everand
Advanced Process Control: Beyond Single Loop Control
Cecil L. Smith
No ratings yet
Regulatory Oversight of Ageing Management and Long Term Operation Programme of Nuclear Power Plants
From Everand
Regulatory Oversight of Ageing Management and Long Term Operation Programme of Nuclear Power Plants
IAEA
No ratings yet
The Concise Calibration & Test Equipment Management Guide: The Concise Collection, #1
From Everand
The Concise Calibration & Test Equipment Management Guide: The Concise Collection, #1
Adrian Brown
4.5/5 (2)
Risk Assessment for Asset Owners
From Everand
Risk Assessment for Asset Owners
Alan Calder
4.5/5 (3)

Module 113

Uploaded by

Module 113

Uploaded by

SECURITY HARDENING – LIFECYCLE

1. Identify critical 6. Validation of 7. Change

5: Pursue & Implement

You might also like