Network hardening Make sure your firewall is correctly configured, that all rules are periodically reviewed, that remote access points and users are secure, that any open network ports are blocked, that extraneous protocols and services are disabled and removed, that access lists are in place, and that network data is encrypted. Systems Hardening Audit your current systems: Conduct a thorough audit of your current technologies (you can use). To identify system weaknesses and order remedies, use security auditing techniques like configuration management, vulnerability scanning, and penetration testing. Utilize industry standards from NIST, Microsoft, CIS, DISA, and other sources to conduct system hardening assessments against resources. Create a strategy for systems hardening: Not every system needs to be hardened at once. Instead, develop a strategy and plan based on the risks found in your IT ecosystem, and then utilize a staged approach to fix the most serious issues. Patch ...
Network Threats
Information gathering
Sniffing & Eavesdropping
Spoofing
Session hijacking
Man-in-the-Middle Attack
DNS & ARP Poisoning
Password-based Attacks
Denial-of-Services Attacks
Compromised Key Attacks
Firewall & IDS Attacks
Host Threats
Malware Attacks
Footprinting
Password Attacks
Denial-of-Services Attacks
Arbitrary code execution
Unauthorized Access
Privilege Escalation
Backdoor Attacks
Physical Security Threats
Application Threats
Improper Data / Input Validation
Authentication & Authorization Attack
Security Misconfiguration
Information Disclosure
Broken Session Management
Buffer Overflow Issues
Cryptography Attacks
SQL Injection
Improper Error handling & Exception Management
Comments
Post a Comment