Network Hardening Techniques
Operating System (OS) hardening is the process of securing an operating system by reducing its attack surface. This is done by configuring the OS to be more secure and less vulnerable to attacks.
The Google Cybersecurity lays out a scenario where you are tasked with hardening a linux system. The scenario is as follows:
Network Hardening - Activity Instructions
Activity Overview​
In this activity, you will be presented with a scenario about a social media organization that recently experienced a major data breach caused by undetected vulnerabilities. To address the breach, you will identify some common network hardening tools that can be implemented to protect the organization’s overall security. Then, you will select a specific vulnerability that the company has and propose different network hardening methods. Finally, you will explain how the methods and tools you chose will be effective for managing the vulnerability and how they will prevent potential breaches in the future.
Topics:
- port-filtering
- network access privileges
- encryption over the network
Scenario​
Review the following scenario. Then complete the step-by-step instructions.
You are a security analyst working for a social media organization. The organization recently experienced a major data breach, which compromised the safety of their customers’ personal information, such as names and addresses. Your organization wants to implement strong network hardening practices that can be performed consistently to prevent attacks and breaches in the future.
After inspecting the organization’s network, you discover four major vulnerabilities. The four vulnerabilities are as follows:
-
The organization’s employees' share passwords
-
The admin password for the database is set to the default.
-
The firewalls do not have rules in place to filter traffic coming in and out of the network.
-
Multifactor authentication (MFA) is not used.
If no action is taken to address these vulnerabilities, the organization is at risk of experiencing another data breach or other attacks in the future.
In this activity, you will write a security risk assessment to analyze the incident and explain what methods can be used to further secure the network.
Step-By-Step Instructions​
We will use this template for our responses:
Security risk assessment report​
| Part 1: Select up to three hardening tools and methods to implement |
|---|
| Part 2: Explain your recommendations |
|---|
Resources​
Google provides a document with a list of network hardening tools and methods that you can use to secure the organization’s network. I won't provide the list here, but you can find it in the Google Cybersecurity Course.
Network Hardening Techniques - Solution​
The activity solutions are presented here in the Google provided tempalte but you can write your own responses in any logical format that suits your and gets the needed information to the right people.
| Part 1: Select up to three hardening tools and methods to implement |
|---|
Given the scenario, there are a number of network hardening tools and methods that can be implemented to protect the organization’s overall security. The following are three hardening tools and methods that can be implemented to address the vulnerabilities identified in the organization’s network:
|
| Part 2: Explain your recommendations |
|---|
The three hardening tools and methods recommended above are critical security measures that can help protect the organization’s network from unauthorized access, data breaches, and other security threats. By implementing multifactor authentication (MFA), strong password policies, and firewall rules, the organization can significantly reduce the risk of attacks and breaches, as well as improve the overall security of its network. Multifactor authentication (MFA) is an effective security measure that can help prevent unauthorized access to the organization’s network by requiring users to provide multiple forms of verification before they can log in. By requiring users to provide something they know (such as a password) and something they have (such as a mobile device), MFA adds an extra layer of security that can help protect against password theft and other forms of credential-based attacks. Strong password policies are another important security measure that can help protect the organization’s network from unauthorized access and data breaches. By requiring employees to use complex passwords that are difficult to guess or crack, the organization can reduce the risk of unauthorized access to sensitive data and systems. Strong password policies should include requirements for password length, complexity, and expiration, as well as restrictions on password reuse and sharing. Firewall rules are a critical security measure that can help protect the organization’s network from unauthorized access and malicious activity. By configuring the organization’s firewalls to filter traffic coming in and out of the network based on predefined rules, the organization can control the flow of data between its internal network and the internet, as well as between different parts of its internal network. Firewall rules can be used to block known malicious IP addresses, restrict access to sensitive systems and services, and prevent unauthorized data exfiltration. By implementing multifactor authentication (MFA), strong password policies, and firewall rules, the organization can significantly improve the security of its network and reduce the risk of attacks and breaches. These security measures should be implemented consistently and regularly reviewed and updated to ensure that the organization’s network remains secure and protected from evolving security threats. |