Apply Common Security Techniques to Computing Resources PDF

Summary

This document provides a comprehensive overview of applying common security techniques to computing resources. It explores secure baselines, hardening targets across various devices (mobile, workstations, etc.), and application security techniques, including input validation. The document also includes case studies and review questions related to the topic.

Full Transcript

Apply Common Security Techniques to Computing Resources - GuidesDigest Training
Chapter 4: Security Operations

Secure Baselines

Secure baselines are standardized configurations for IT systems. A secure baseline ensures that all systems start from a position of security before they’re customized according to organizational needs.

Note: Always remember that a secure baseline is a starting point. From here, you’d adjust and customize while maintaining a security posture.

Establishing Secure Baselines: To establish a secure baseline, it’s crucial first to identify the minimum necessary functionalities and services for a system to fulfill its role. For example, a database server doesn’t need to have a web server service running. Therefore, in a secure baseline for a database server, the web server service would be disabled.

Deploying Secure Baselines: Deployment often involves automated processes or scripts, ensuring consistent application across multiple systems. Tools like Group Policy for Windows or configuration management software like Ansible can help with this.

Maintaining Secure Baselines: Maintenance requires regular reviews and updates to the baseline. As software gets updated or new vulnerabilities are found, the baseline needs adjustments to remain secure.

Hardening Targets

Mobile Devices: As a commonly used device in most businesses, mobile devices often contain sensitive information. Hardening might involve encrypting the device, ensuring screen locks are enabled, or restricting application installations.

Workstations: These are the daily drivers for most employees. Ensuring they are patched, have updated antivirus, and have unnecessary services turned off are all part of hardening.

Switches and Routers: Often overlooked, these devices are gateways to our networks. Changing default passwords, disabling unused ports, and using secure protocols (like SSH instead of Telnet) are key here.

Cloud Infrastructure: Given the shared responsibility model, hardening might involve ensuring proper IAM configurations, encrypting data at rest and in transit, and regularly reviewing access logs.

Servers and ICS/SCADA: These are critical infrastructure components. Regular patches, minimizing installed software, and using firewalls are necessary hardening measures. For ICS/SCADA, it’s also vital to segregate them from regular networks due to their critical nature.

Embedded Systems, RTOS, IoT Devices: These often have limited resources, so hardening could involve disabling unnecessary services or features, using secure communication protocols, and ensuring regular firmware updates.

Wireless Devices

This section demands special attention given the inherent vulnerabilities of wireless communication.

Installation Considerations: Always consider the physical security of the device. It should be placed in a secure, tamper-evident location.

Site Surveys and Heat Maps: Essential for understanding signal strength throughout your facility. This prevents “dead zones” and ensures connectivity.

Mobile Solutions

MDM tools help businesses manage and secure their mobile devices.

Deployment Models: BYOD, COPE, and CYOD all have their pros and cons. For instance, BYOD can save costs but may introduce security issues if not properly managed.

Connection Methods: Each method (Cellular, Wi-Fi, Bluetooth) has its own vulnerabilities. For instance, Wi-Fi can be prone to “Evil Twin” attacks.

Wireless Security Settings: WPA3 is the latest and most secure. AAA/RADIUS helps with centralized authentication. Always ensure the latest cryptographic and authentication protocols are in use.

Application Security Techniques

Understanding how applications can be exploited is the first step in securing them. Using input validation prevents SQL injections. Secure cookies prevent session hijacking. Static code analysis can identify vulnerabilities in the codebase. Code signing ensures the integrity of the code being run, and sandboxing allows potentially harmful code to run in isolated environments.

Case Studies

1. ABC Corp’s Ransomware Attack: This case study can discuss how a workstation that wasn’t part of the secure baseline got infected and led to a larger breach.
2. XYZ Ltd’s Cloud Misconfiguration: How a misconfigured S3 bucket in AWS led to a massive data leak, emphasizing the importance of hardening cloud infrastructure.

Summary

Establishing, deploying, and maintaining a secure baseline is fundamental to ensuring system security. Hardening various targets, from mobile devices to servers, ensures that potential vulnerabilities are minimized. Additionally, with wireless devices becoming ubiquitous, special attention needs to be given to their security.

Review Questions

1. What is the purpose of a secure baseline?
2. Name three techniques to harden a mobile device.
3. Describe the difference between BYOD, COPE, and CYOD.
4. Why is input validation crucial in application security?

Key Points

Secure baselines are the starting point for system configurations.
Hardening is a continuous process and should be tailored to the device or system.
Wireless devices, given their nature, need special attention in terms of security.
Proper application security techniques can prevent a wide array of attacks.

Practical Exercises

1. Set up a basic server and apply a secure baseline to it.
2. Conduct a site survey in your office/home to understand Wi-Fi strength.
3. Set up a simple web application and implement input validation to prevent SQL injection.
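As an added example that is not part of the original chapter, the following Python script illustrates the input-validation point behind review question 4 and practical exercise 3. It assumes an in-memory sqlite3 database with a constructed users table (alice, bob, carol) and shows a lookup built by string concatenation next to a hardened version that applies an allowlist check and then a parameterised query.

```python
import re
import sqlite3

# Constructed sample data (not from the chapter): a tiny in-memory users table.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user"), ("carol", "user")])
    return conn

# Weak form: untrusted input is pasted straight into the SQL text, so quote
# characters in the input change the query's structure. Shown only for contrast.
def lookup_unsafe(conn, username):
    query = f"SELECT username, role FROM users WHERE username = '{username}'"
    return conn.execute(query).fetchall()

# Hardened layer 1: allowlist validation. Usernames are 3-32 chars of [a-z0-9_],
# so quotes, spaces and comment markers never reach the database at all.
USERNAME_RE = re.compile(r"[a-z0-9_]{3,32}")

def is_valid_username(value):
    return isinstance(value, str) and USERNAME_RE.fullmatch(value) is not None

# Hardened layer 2: a parameterised query. The driver binds the value as data,
# so even input that slipped past validation cannot alter the statement.
def lookup_parameterised(conn, username):
    return conn.execute(
        "SELECT username, role FROM users WHERE username = ?", (username,)
    ).fetchall()

# Both layers together: reject bad input early, then bind what remains.
def lookup_safe(conn, username):
    if not is_valid_username(username):
        raise ValueError("username rejected by input validation")
    return lookup_parameterised(conn, username)

if __name__ == "__main__":
    db = make_db()
    probe = "x' OR '1'='1"          # textbook injection string used as test input
    print("unsafe:", lookup_unsafe(db, probe))          # every row comes back
    print("bound:", lookup_parameterised(db, probe))    # [] - treated as a literal
    try:
        lookup_safe(db, probe)
    except ValueError as err:
        print("safe:", err)                             # rejected before any SQL
    print("safe (normal):", lookup_safe(db, "alice"))   # [('alice', 'admin')]
```

Running the script shows the concatenated query returning all three rows for the probe string, while the parameterised query returns nothing and the validated path rejects the input before a query is issued.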
