The following are the 5 questions:
1. Why should the industry-defined baselining standards be used for system hardening?
   Give example: 1 AWS, 1 server hardening
2. Why should configuration drifts/deviations be monitored and periodically scanned?
   Give example: use Ansible as the tool used for configuration management
3. Why are asset discovery and periodic scans of assets important?
   Give example:
4. Why should Security Information and Event Management (SIEM) alerts be ticketed?
   Give example: use Splunk as the SIEM tool
5. Why should TLS 1.3 be used instead of 1.2?
   Give example:
1. Why industry-defined baselining standards should be used for system hardening
Hardening is meant to prevent default or weak credentials from being used in the environment (Vacca, 2014). Hardening is becoming more important in ensuring that the risks systems are exposed to are kept to a minimum. A single instance of missing proper hardening is an open opportunity for attackers to strike. The industry sets standards to ensure that the means used for system hardening meet the right threshold.
An AWS virtual server can be hardened just like a physical server. Hardening reduces the server's attack surface, leaving fewer avenues of infiltration for external threats. It allows for the removal of unnecessary services, old credentials and software. It also permits updating individual server nodes with tight security to conform to best practices.
2. Why configuration drifts/deviations should be monitored and periodically scanned
Constant monitoring of deviations helps eliminate drift. It also helps lower costs, as one can have a clear picture of the entire IT infrastructure, point out duplications and rectify them. Productivity is also higher, since a consistent and known configuration is created, which allows for batch infrastructure creation. It also enables faster debugging, which helps in ruling out configuration errors. Through this, tickets are resolved faster. Ansible is a configuration management tool that helps provide large productivity gains for several automation challenges (Das, 2016). It helps automate complex multi-tier IT application environments.
3. Why asset discovery and periodic scans of assets are important
Asset discovery helps in securing a database and maintaining it on all network and domain credentials. It also helps in importing asset details from different sites using remote scanning techniques, scheduling synchronization of asset data, and planning periodic audits and scans. Asset discovery provides the visibility needed to make data-driven decisions and helps avoid unnecessary software purchases. It also helps in giving automatic notifications to technicians. Periodic scans help in cleaning up to reduce clutter. For example, the telecommunications company AT&T uses asset discovery and periodic scans to detect and respond quickly to malware and other threats.
4. Why Security Information and Event Management (SIEM) alerts should be ticketed
A ticketing system helps document abuse on a one-on-one basis so as to provide real-time analytics for identifying sources of abuse. Ticketing helps give each case an identity. Without an identity, it is possible to end up with something like 50 reports that all describe the same DDoS attack, and it can take considerable effort before one identifies that they are all similar. Ticketing helps save time by giving a unique identity to every abuse report (Miller, 2010).
Splunk helps in tackling real-time security monitoring, advanced threat detection, forensics and incident management. It also helps in improving visibility across multi-cloud environments and cross-collaboration to form a strong security posture.
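The point about many reports describing the same DDoS attack can be made concrete. The sketch below is an added example, not code from the cited sources and not a Splunk API: the field names, the 30-minute correlation window, the `SEC-` ticket numbering and the sample alerts are all assumptions constructed for illustration.

```python
import hashlib
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=30)  # assumed correlation window

# Constructed sample alerts (not real data): one DDoS seen by three sensors,
# an unrelated SSH alert, and a later recurrence of the same DDoS.
ALERTS = [
    {"time": "2024-01-10T09:00:00", "signature": "ddos_syn_flood", "dest": "203.0.113.10", "reporter": "fw-01"},
    {"time": "2024-01-10T09:05:00", "signature": "ddos_syn_flood", "dest": "203.0.113.10", "reporter": "ids-02"},
    {"time": "2024-01-10T09:07:00", "signature": "ssh_bruteforce", "dest": "198.51.100.7", "reporter": "host-17"},
    {"time": "2024-01-10T09:12:00", "signature": "ddos_syn_flood", "dest": "203.0.113.10", "reporter": "netflow-03"},
    {"time": "2024-01-10T11:00:00", "signature": "ddos_syn_flood", "dest": "203.0.113.10", "reporter": "fw-01"},
]

def fingerprint(alert):
    """Identity of the underlying incident: what happened and to which target."""
    key = f"{alert['signature']}|{alert['dest']}"
    return hashlib.sha256(key.encode()).hexdigest()[:12]

def ticket_alerts(alerts, window=WINDOW):
    """Group alerts into tickets. A report joins the open ticket with the same
    fingerprint if it arrives within `window` of that ticket's last report;
    otherwise a new ticket is opened."""
    tickets = []
    open_by_fp = {}
    for alert in sorted(alerts, key=lambda a: a["time"]):
        ts = datetime.fromisoformat(alert["time"])
        fp = fingerprint(alert)
        ticket = open_by_fp.get(fp)
        if ticket is None or ts - ticket["last_seen"] > window:
            ticket = {"id": f"SEC-{len(tickets) + 1:04d}", "fingerprint": fp,
                      "first_seen": ts, "last_seen": ts, "reports": []}
            tickets.append(ticket)
            open_by_fp[fp] = ticket
        ticket["last_seen"] = ts
        ticket["reports"].append(alert["reporter"])
    return tickets

if __name__ == "__main__":
    for t in ticket_alerts(ALERTS):
        print(t["id"], t["fingerprint"], len(t["reports"]), "report(s)")
```

Five alerts collapse into three tickets here: the three sensor reports of the flood share one ticket, while the recurrence two hours later opens a new ticket with the same fingerprint so the two incidents can be linked.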
5. Why use TLS 1.3 rather than 1.2
TLS 1.3 should be used rather than TLS 1.2 since it offers additional privacy for data exchanges by encrypting more of the negotiation handshake to protect it from eavesdroppers. This enhancement helps protect the identity of participants and impedes traffic analysis. TLS 1.3 also assists in maintaining secrecy. The current communications, therefore, remain secure even if future communications are compromised.
Transport Layer Security (TLS) 1.3 is widely used to encrypt data transmitted between Internet hosts, with the most popular use being for secure web browser connections. One example where TLS 1.3 is used is in Google Chrome.
Miller, D. (2010). Security information and event management (SIEM) implementation. New York: McGraw-Hill.
Das, R. (2016). Extending Ansible. Birmingham: Packt Publishing, Limited.
Vacca, J. R. (2014). Network and system security. Amsterdam: Syngress.