| new skills - Team Nuggets
New Training: Mitigation Techniques
In this 11-video skill, CBT Nuggets trainer Anthony Sequeira covers network device hardening and various mitigation techniques. Watch this new networking training.
Watch the full course: CompTIA Network+
This training includes:
- 11 videos
- 53 minutes of training
You’ll learn these topics in this skill:
- Mitigation Techniques: Network Device Hardening
- Mitigation Techniques: Hardening a Windows Server System
- Mitigation Techniques: Signature Management
- Mitigation Techniques: File Integrity Monitoring
- Mitigation Techniques: Privileged User Accounts and Role Separation
- Mitigation Techniques: Network Segmentation
- Mitigation Techniques: Switch Port Protections
- Mitigation Techniques: The Native VLAN
- Mitigation Techniques: Filtering with Access Control Lists (ACLs)
- Mitigation Techniques: Honeypots and Honeynets
- Mitigation Techniques: Penetration Testing
What is Device Hardening?
Device hardening is the process of reducing security vulnerabilities in the devices that you provision in your organization. You generally harden devices before they are provisioned, so that, from the moment that they enter their service life, they are as impervious as possible against threats. You then must maintain their hardened state throughout their lifecycle. Often hardening is mandated by regulations, such as PCI DSS (Payment Card Industry Data Security Standard) and HIPAA (Health Insurance Portability and Accountability Act).
There are many ways that you can harden devices. This includes:
Keeping device firmware up-to-date and installing security patches when they become available.
Disabling any ports, services and protocols that are not absolutely necessary.
Continuously ensuring that the device's configuration meets the latest best practices.
Properly implementing authentication, authorization and accounting.
Using secure protocols.
Implementing security controls, such as password management and file permissions.
Implementing least privilege on both user accounts and file systems.